lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1357597117.5190.4.camel@gandalf.local.home>
Date:	Mon, 07 Jan 2013 17:18:37 -0500
From:	Steven Rostedt <rostedt@...dmis.org>
To:	paulmck@...ux.vnet.ibm.com
Cc:	Josh Triplett <josh@...htriplett.org>,
	linux-kernel@...r.kernel.org, mingo@...e.hu, laijs@...fujitsu.com,
	dipankar@...ibm.com, akpm@...ux-foundation.org,
	mathieu.desnoyers@...ymtl.ca, niv@...ibm.com, tglx@...utronix.de,
	peterz@...radead.org, Valdis.Kletnieks@...edu, dhowells@...hat.com,
	edumazet@...gle.com, darren@...art.com, fweisbec@...il.com,
	sbw@....edu, patches@...aro.org, markus@...ppelsdorf.de
Subject: Re: [PATCH tip/core/rcu 4/6] rcu: Silence compiler array
 out-of-bounds false positive

On Mon, 2013-01-07 at 09:19 -0800, Paul E. McKenney wrote:
> On Mon, Jan 07, 2013 at 09:16:02AM -0800, Paul E. McKenney wrote:
> > On Mon, Jan 07, 2013 at 07:50:02AM -0800, Josh Triplett wrote:
> > > On Sat, Jan 05, 2013 at 09:09:36AM -0800, Paul E. McKenney wrote:
> > > > From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
> > > > 
> > > > It turns out that gcc 4.8 warns on array indexes being out of bounds
> > > > unless it can prove otherwise.  It gives this warning on some RCU
> > > > initialization code.  Because this is far from any fastpath, add
> > > > an explicit check for array bounds and panic if so.  This gives the
> > > > compiler enough information to figure out that the array index is never
> > > > out of bounds.
> > > > 
> > > > However, if a similar false positive occurs on a fastpath, it will
> > > > probably be necessary to tell the compiler to keep its array-index
> > > > anxieties to itself.  ;-)
> > > > 
> > > > Markus Trippelsdorf <markus@...ppelsdorf.de>
> > > > Signed-off-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com>
> > > > ---
> > > >  kernel/rcutree.c |    4 ++++
> > > >  1 files changed, 4 insertions(+), 0 deletions(-)
> > > > 
> > > > diff --git a/kernel/rcutree.c b/kernel/rcutree.c
> > > > index d145796..e0d9815 100644
> > > > --- a/kernel/rcutree.c
> > > > +++ b/kernel/rcutree.c
> > > > @@ -2938,6 +2938,10 @@ static void __init rcu_init_one(struct rcu_state *rsp,
> > > >  
> > > >  	BUILD_BUG_ON(MAX_RCU_LVLS > ARRAY_SIZE(buf));  /* Fix buf[] init! */
> > > >  
> > > > +	/* Silence gcc 4.8 warning about array index out of range. */
> > > > +	if (rcu_num_lvls > RCU_NUM_LVLS)
> > > > +		panic("rcu_init_one: rcu_num_lvls overflow");
> > > 
> > > Why not write this as BUG_ON(rcu_num_lvls > RCU_NUM_LVLS)?  Given that
> > > the condition in question can never happen, you don't really need an
> > > explanatory message.
> > 
> > Good point, will do!
> 
> Ah, wait, BUG_ON() sometimes compiles to nothingness:
> 
> #ifndef HAVE_ARCH_BUG_ON
> #define BUG_ON(condition) do { if (condition) ; } while(0)
> #endif
> 
> So I do need the explicit "if".  :-(


Bah, those archs shouldn't be bothered with. If they don't want to bug,
then that's there problem :-)

Lots of places in the kernel have BUG_ON() where they require it to
panic.

-- Steve


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ