From patchwork Thu Feb 1 08:31:35 2024
X-Patchwork-Submitter: Marco Elver
X-Patchwork-Id: 13540806
Date: Thu, 1 Feb 2024 09:31:35 +0100
X-Mailer: git-send-email 2.43.0.429.g432eaa2c6b-goog
Message-ID: <20240201083259.1734865-1-elver@google.com>
Subject: [PATCH -mm] stackdepot: do not use flex_array_size() in memcpy()
From: Marco Elver
To: elver@google.com, Andrew Morton
Cc: Andrey Konovalov, Alexander Potapenko, Dmitry Vyukov, Vlastimil Babka, linux-kernel@vger.kernel.org, linux-mm@kvack.org, kasan-dev@googlegroups.com, Stephen Rothwell, "Gustavo A . R . Silva", Kees Cook

Since 113a61863ecb ("Makefile: Enable -Wstringop-overflow globally")
string overflow checking is enabled by default. Unfortunately the
compiler still isn't smart enough to always see that the size will never
overflow.

Specifically, in stackdepot, we have this before memcpy()'ing a
stacktrace:

    if (nr_entries > CONFIG_STACKDEPOT_MAX_FRAMES)
        nr_entries = CONFIG_STACKDEPOT_MAX_FRAMES;
    ...
    memcpy(stack->entries, entries, flex_array_size(stack, entries, nr_entries));

Where 'entries' is an array of unsigned long, and STACKDEPOT_MAX_FRAMES
is 64 by default (configurable up to 256), thus the maximum size in
bytes (on 32-bit) would be 1024. For some reason the compiler (GCC
13.2.0) assumes that an overflow may be possible and flex_array_size()
can return SIZE_MAX (4294967295 on 32-bit), resulting in this warning:

 In function 'depot_alloc_stack',
     inlined from 'stack_depot_save_flags' at lib/stackdepot.c:688:4:
 arch/x86/include/asm/string_32.h:150:25: error: '__builtin_memcpy' specified bound 4294967295 exceeds maximum object size 2147483647 [-Werror=stringop-overflow=]
   150 | #define memcpy(t, f, n) __builtin_memcpy(t, f, n)
       |                         ^~~~~~~~~~~~~~~~~~~~~~~~~
 lib/stackdepot.c:459:9: note: in expansion of macro 'memcpy'
   459 |         memcpy(stack->entries, entries, flex_array_size(stack, entries, nr_entries));
       |         ^~~~~~
 cc1: all warnings being treated as errors

Silence the false positive warning by inlining the multiplication
ourselves.

Link: https://lore.kernel.org/all/20240201135747.18eca98e@canb.auug.org.au/
Fixes: d869d3fb362c ("stackdepot: use variable size records for non-evictable entries")
Reported-by: Stephen Rothwell
Signed-off-by: Marco Elver
Cc: Gustavo A. R. Silva
Cc: Kees Cook
--- lib/stackdepot.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/stackdepot.c b/lib/stackdepot.c index 8f3b2c84ec2d..e6047f58ad62 100644 --- a/lib/stackdepot.c +++ b/lib/stackdepot.c
@@ -456,7 +456,7 @@ depot_alloc_stack(unsigned long *entries, int nr_entries, u32 hash, depot_flags_ stack->hash = hash; stack->size = nr_entries; /* stack->handle is already filled in by depot_pop_free_pool(). */ - memcpy(stack->entries, entries, flex_array_size(stack, entries, nr_entries)); + memcpy(stack->entries, entries, nr_entries * sizeof(entries[0])); if (flags & STACK_DEPOT_FLAG_GET) { refcount_set(&stack->count, 1);
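
Review bot: On the `+` line, the open-coded `nr_entries * sizeof(entries[0])` carries no comment saying why flex_array_size() is avoided, so a later cleanup could convert it back and reintroduce the -Wstringop-overflow build failure; a one-line comment above the memcpy() naming the false positive would prevent that. The expression also drops the saturating multiply that flex_array_size() provided, and `nr_entries` is an `int` per the function signature in the hunk header, so the copy length now depends entirely on the clamp to CONFIG_STACKDEPOT_MAX_FRAMES quoted in the commit message, which bounds the value only from above; it is worth confirming that no caller can pass a negative count. Taking the element size from the destination, `sizeof(stack->entries[0])`, would keep the length tied to the buffer being written if the two element types ever diverge.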