lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 21 Mar 2024 15:41:41 +0100
From: Heiko Carstens <hca@...ux.ibm.com>
To: "Jason J. Herne" <jjherne@...ux.ibm.com>
Cc: Anthony Krowiak <akrowiak@...ux.ibm.com>, linux-s390@...r.kernel.org,
        linux-kernel@...r.kernel.org, pasic@...ux.ibm.com,
        borntraeger@...ibm.com, agordeev@...ux.ibm.com, gor@...ux.ibm.com
Subject: Re: [PATCH v3 0/5] s390/vfio-ap: ap_config sysfs attribute for
 mdevctl automation

Hi Jason,

> > In function ‘bitmap_copy’,
> >      inlined from ‘ap_matrix_copy’ at drivers/s390/crypto/vfio_ap_ops.c:1674:2,
> >      inlined from ‘ap_config_store’ at drivers/s390/crypto/vfio_ap_ops.c:1696:2:
> > ./include/linux/bitmap.h:253:17: warning: ‘memcpy’ reading 32 bytes from a region of size 0 [-Wstringop-overread]
> >    253 |                 memcpy(dst, src, len);
> >        |                 ^~~~~~~~~~~~~~~~~~~~~
> > In function ‘ap_config_store’:
> > cc1: note: source object is likely at address zero
> 
> I believe that this is a bogus compiler warning. I cannot reproduce it,
> fwiw.
> 
> gcc:     gcc (GCC) 13.2.1 20231205 (Red Hat 13.2.1-6)
> binutls  binutils-2.40-14.fc39
..
> A quick web search seems to indicate gcc throws quite a few
> Wstringop-overread warnings for valid code. I suspect this is
> another example of that.

This might be the case, however the code has to compile without
warnings also with plain gcc 13.2.0 (built from source).

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ