lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 13 Mar 2024 13:45:50 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: Nathan Chancellor <nathan@...nel.org>
Cc: LKML <linux-kernel@...r.kernel.org>, Linux Trace Kernel
 <linux-trace-kernel@...r.kernel.org>, Masami Hiramatsu
 <mhiramat@...nel.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
 kernel test robot <lkp@...el.com>, llvm@...ts.linux.dev
Subject: Re: [PATCH] tracing: Use strcmp() in __assign_str() WARN_ON() check

On Wed, 13 Mar 2024 09:59:03 -0700
Nathan Chancellor <nathan@...nel.org> wrote:

> > Reported-by: kernel test robot <lkp@...el.com>
> > Closes: https://lore.kernel.org/oe-kbuild-all/202402292111.KIdExylU-lkp@intel.com/
> > Fixes: 433e1d88a3be ("tracing: Add warning if string in __assign_str() does not match __string()")  
> 
> Is this change destined for 6.9 or 6.10? I applied it to current
> trace/core (eb1533d156d3) along with 51270d573a8d but the warning is
> still present. I even tried
> 
>     __builtin_choose_expr(__is_constexpr((src)),
>                          strcmp((src), __data_offsets.dst##_ptr_),
>                          (src) != __data_offsets.dst##_ptr_));
> 
> but not even that silenced the warning. I think we will still need a
> diag directive to fully silence this warning.

Yes, you said that the warning is still there, but the bug it shows should
not be.

I believe that's because clang still evaluates the (src) != ... even when
the source is a contast and it warns about it. But if src is a constant, we
do not want to do the !=, we want to do the slower strcmp().

Let me test to make sure that when src is a string "like this" that it does
the strcmp(). Otherwise, we may have to always do the strcmp(), which I
really would like to avoid.

BTW, I triggered another bug with strcmp():

  https://lore.kernel.org/all/20240313093454.3909afe7@gandalf.local.home/

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ