lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 7 Jun 2022 10:15:41 -0500
From:   Segher Boessenkool <segher@...nel.crashing.org>
To:     David Laight <David.Laight@...LAB.COM>
Cc:     "'Michael Ellerman'" <mpe@...erman.id.au>,
        Bagas Sanjaya <bagasdotme@...il.com>,
        "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>,
        Anders Roxell <anders.roxell@...aro.org>,
        Arnd Bergmann <arnd@...db.de>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Nicholas Piggin <npiggin@...il.com>,
        Paul Mackerras <paulus@...ba.org>,
        Yang Li <yang.lee@...ux.alibaba.com>
Subject: Re: outside array bounds error on ppc64_defconfig, GCC 12.1.0

On Tue, Jun 07, 2022 at 02:23:25PM +0000, David Laight wrote:
> > I don't see a really simple fix. I tried clamping the size parameter to
> > do_byte_reverse() with max(), but that didn't work :/
> 
> I had a quick look at the code - it is somewhat horrid!
> Not really surprising the compiler is confused.
> Although it shouldn't be outputting that error message
> unless it is certain.

No.  It is a warning message, and the compiler should output it for all
code it finds suspicious.  The conditions for this could be improved for
sure, but it is and will remain a heuristic affair, so using -Werror
with is is akin to self-flagellation.

It is not an error, it is a warning.  The correct response to it when
you determine it is not an error, or even you do not want to deal with
it now, is to ignore it.  Which -Werror prevents, one of the ways that
that warning flag is counterproductive to use.

> Could it be re-written to read the data into an __u128
> (or whatever the compiler type is).
> Optionally byteswap the entire thing (swap the words and
> then byteswap each word).
> The do a put_user_8/16/32/64() to write out the value.
> 
> I think that would remove all the memory accesses and make
> it a lot faster as well.

Yes, the warning sometimes fires for correct code that is "merely" next
to impossible to read.  It may well improve even the performance of the
code if the code is rewritten.

But it also may introduce new bugs, or anything else detrimental.  It
is yakshaving extraordinaire to do this every time a compiler warning
points out something doesn't smell quite right :-)


Segher

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ