| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202201311410.EA1999F5@keescook>
Date: Mon, 31 Jan 2022 14:30:47 -0800
From: Kees Cook <keescook@...omium.org>
To: ci_notify@...aro.org
Cc: linaro-kernel@...ts.linaro.org, arnd@...aro.org,
linux-hardening@...r.kernel.org
Subject: Re: [TCWG CI] Regression caused by linux: Makefile: Enable
-Warray-bounds
On Sun, Jan 30, 2022 at 01:00:43AM +0000, ci_notify@...aro.org wrote:
> [TCWG CI] Regression caused by linux: Makefile: Enable -Warray-bounds:
> commit d4e0dad4a0cd00d1518f2105ccbfee17e2aa44a7
> Author: Kees Cook <keescook@...omium.org>
>
> Makefile: Enable -Warray-bounds
> [...]
> # 00:00:53 ./arch/arm/include/asm/io.h:113:9: error: array subscript 0 is outside array bounds of ‘const volatile void[0]’ [-Werror=array-bounds]
Thanks for the report!
Would it be possible to include the "inlined from" details in the email
summaries? Just getting a header file doesn't say where a header-defined
inline is being used.
For example, extracting from the build log, I can see more:
> 00:00:53 In file included from ./include/linux/io.h:13,
> 00:00:53 from arch/arm/mach-cns3xxx/pm.c:8:
> 00:00:53 In function ‘__raw_readl’,
> 00:00:53 inlined from ‘cns3xxx_pwr_clk_en’ at arch/arm/mach-cns3xxx/pm.c:17:12:
> 00:00:53 ./arch/arm/include/asm/io.h:113:9: error: array subscript 0 is outside array bounds of ‘const volatile void[0]’ [-Werror=array-bounds]
> 00:00:53 113 | asm volatile("ldr %0, %1"
> 00:00:53 | ^~~
Looks like something sees a "void" type... this smells like a compiler
bug. I haven't been able to reproduce this warning yet.
> [...]
> git clone https://git.linaro.org/toolchain/jenkins-scripts
>
> # Fetch manifests and test.sh script
> mkdir -p artifacts/manifests
> curl -o artifacts/manifests/build-baseline.sh https://ci.linaro.org/job/tcwg_kernel-gnu-bisect-gnu-master-arm-next-allmodconfig/45/artifact/artifacts/manifests/build-baseline.sh --fail
> curl -o artifacts/manifests/build-parameters.sh https://ci.linaro.org/job/tcwg_kernel-gnu-bisect-gnu-master-arm-next-allmodconfig/45/artifact/artifacts/manifests/build-parameters.sh --fail
> curl -o artifacts/test.sh https://ci.linaro.org/job/tcwg_kernel-gnu-bisect-gnu-master-arm-next-allmodconfig/45/artifact/artifacts/test.sh --fail
> chmod +x artifacts/test.sh
>
> # Reproduce the baseline build (build all pre-requisites)
> ./jenkins-scripts/tcwg_kernel-build.sh @@ artifacts/manifests/build-baseline.sh
I couldn't find the compiler version anywhere in here. Could you include
the compiler and linker --version output in the build logs too?
Maybe something in tcwg_kernel-build.sh near here, to get either CC or
CROSS_COMPILE + HOSTCC and ld_opt's --version output:
local opts
opts="CC=$(pwd)/bin/${rr[target]}-cc $ld_opt SUBLEVEL=0 EXTRAVERSION=-bisect"
if [ x"${rr[target]}" != x"$(uname -m)" ]; then
opts="$opts ARCH=$(print_kernel_target ${rr[target]})"
opts="$opts CROSS_COMPILE=$(print_gnu_target ${rr[target]})-"
opts="$opts HOSTCC=gcc"
fi
It looks like maybe this is built under Ubuntu bionic? Or maybe focal? I
don't see the warning with any GCC version I've tested with: 11.2.0
(impish), 10.3.0 (hirsute), 9.3.0 (focal), nor 7.5.0 (bionic).
Do you have some further hints about this?
Thanks!
--
Kees Cook
Powered by blists - more mailing lists