From: kernel test robot <lkp@intel.com>
To: Kees Cook <keescook@chromium.org>
Cc: clang-built-linux@googlegroups.com, kbuild-all@lists.01.org,
Linux Memory Management List <linux-mm@kvack.org>
Subject: [linux-next:master 8858/10077] fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84
Date: Wed, 25 Aug 2021 05:59:01 +0800
Message-ID: <202108250548.HB9OXC36-lkp@intel.com>
[-- Attachment #1: Type: text/plain, Size: 7850 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head: 372b2891c15acbf7b90d948b08ac174bde77102c
commit: 185e297653a7e0431db813764d2efb9ffd09160c [8858/10077] fortify: Explicitly disable Clang support
config: i386-randconfig-a016-20210824 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d26000e4cc2bc65e207a84fa26cb6e374d60aa12)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=185e297653a7e0431db813764d2efb9ffd09160c
        git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
        git fetch --no-tags linux-next master
        git checkout 185e297653a7e0431db813764d2efb9ffd09160c
        # save the attached .config to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386

If you fix the issue, kindly add the following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
clang-14: warning: optimization flag '-falign-jumps=0' is not supported [-Wignored-optimization-argument]
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:76:
In file included from include/uapi/linux/aio_abi.h:31:
In file included from include/linux/fs.h:6:
In file included from include/linux/wait_bit.h:8:
In file included from include/linux/wait.h:9:
In file included from include/linux/spinlock.h:51:
In file included from include/linux/preempt.h:78:
In file included from arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:60:
arch/x86/include/asm/thread_info.h:172:13: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
oldframe = __builtin_frame_address(1);
^~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/include/asm/thread_info.h:174:11: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
frame = __builtin_frame_address(2);
^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:87:
In file included from include/trace/syscall.h:7:
In file included from include/linux/trace_events.h:10:
In file included from include/linux/perf_event.h:49:
In file included from include/linux/ftrace.h:22:
arch/x86/include/asm/ftrace.h:7:3: error: Compiler does not support fentry?
# error Compiler does not support fentry?
^
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:87:
In file included from include/trace/syscall.h:7:
In file included from include/linux/trace_events.h:10:
In file included from include/linux/perf_event.h:49:
include/linux/ftrace.h:843:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
addr = CALLER_ADDR1;
^~~~~~~~~~~~
include/linux/ftrace.h:830:38: note: expanded from macro 'CALLER_ADDR1'
#define CALLER_ADDR1 ((unsigned long)ftrace_return_address(1))
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
# define ftrace_return_address(n) __builtin_return_address(n)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:846:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
return CALLER_ADDR2;
^~~~~~~~~~~~
include/linux/ftrace.h:831:38: note: expanded from macro 'CALLER_ADDR2'
#define CALLER_ADDR2 ((unsigned long)ftrace_return_address(2))
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
# define ftrace_return_address(n) __builtin_return_address(n)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
>> fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84 [-Wfortify-source]
memcpy(&buf, st, sizeof(*st));
^
arch/x86/include/asm/string_32.h:182:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^
5 warnings and 1 error generated.
vim +/memcpy +131 fs/statfs.c
c8b91accfa1059 Al Viro 2011-03-12  125
c8b91accfa1059 Al Viro 2011-03-12  126  static int do_statfs_native(struct kstatfs *st, struct statfs __user *p)
c8b91accfa1059 Al Viro 2011-03-12  127  {
c8b91accfa1059 Al Viro 2011-03-12  128  	struct statfs buf;
7ed1ee6118ae77 Al Viro 2010-03-23  129
c8b91accfa1059 Al Viro 2011-03-12  130  	if (sizeof(buf) == sizeof(*st))
c8b91accfa1059 Al Viro 2011-03-12 @131  		memcpy(&buf, st, sizeof(*st));
7ed1ee6118ae77 Al Viro 2010-03-23  132  	else {
c8b91accfa1059 Al Viro 2011-03-12  133  		if (sizeof buf.f_blocks == 4) {
c8b91accfa1059 Al Viro 2011-03-12  134  			if ((st->f_blocks | st->f_bfree | st->f_bavail |
c8b91accfa1059 Al Viro 2011-03-12  135  			     st->f_bsize | st->f_frsize) &
7ed1ee6118ae77 Al Viro 2010-03-23  136  			    0xffffffff00000000ULL)
7ed1ee6118ae77 Al Viro 2010-03-23  137  				return -EOVERFLOW;
7ed1ee6118ae77 Al Viro 2010-03-23  138  			/*
7ed1ee6118ae77 Al Viro 2010-03-23  139  			 * f_files and f_ffree may be -1; it's okay to stuff
7ed1ee6118ae77 Al Viro 2010-03-23  140  			 * that into 32 bits
7ed1ee6118ae77 Al Viro 2010-03-23  141  			 */
c8b91accfa1059 Al Viro 2011-03-12  142  			if (st->f_files != -1 &&
c8b91accfa1059 Al Viro 2011-03-12  143  			    (st->f_files & 0xffffffff00000000ULL))
7ed1ee6118ae77 Al Viro 2010-03-23  144  				return -EOVERFLOW;
c8b91accfa1059 Al Viro 2011-03-12  145  			if (st->f_ffree != -1 &&
c8b91accfa1059 Al Viro 2011-03-12  146  			    (st->f_ffree & 0xffffffff00000000ULL))
7ed1ee6118ae77 Al Viro 2010-03-23  147  				return -EOVERFLOW;
7ed1ee6118ae77 Al Viro 2010-03-23  148  		}
7ed1ee6118ae77 Al Viro 2010-03-23  149
c8b91accfa1059 Al Viro 2011-03-12  150  		buf.f_type = st->f_type;
c8b91accfa1059 Al Viro 2011-03-12  151  		buf.f_bsize = st->f_bsize;
c8b91accfa1059 Al Viro 2011-03-12  152  		buf.f_blocks = st->f_blocks;
c8b91accfa1059 Al Viro 2011-03-12  153  		buf.f_bfree = st->f_bfree;
c8b91accfa1059 Al Viro 2011-03-12  154  		buf.f_bavail = st->f_bavail;
c8b91accfa1059 Al Viro 2011-03-12  155  		buf.f_files = st->f_files;
c8b91accfa1059 Al Viro 2011-03-12  156  		buf.f_ffree = st->f_ffree;
c8b91accfa1059 Al Viro 2011-03-12  157  		buf.f_fsid = st->f_fsid;
c8b91accfa1059 Al Viro 2011-03-12  158  		buf.f_namelen = st->f_namelen;
c8b91accfa1059 Al Viro 2011-03-12  159  		buf.f_frsize = st->f_frsize;
c8b91accfa1059 Al Viro 2011-03-12  160  		buf.f_flags = st->f_flags;
c8b91accfa1059 Al Viro 2011-03-12  161  		memset(buf.f_spare, 0, sizeof(buf.f_spare));
c8b91accfa1059 Al Viro 2011-03-12  162  	}
c8b91accfa1059 Al Viro 2011-03-12  163  	if (copy_to_user(p, &buf, sizeof(buf)))
c8b91accfa1059 Al Viro 2011-03-12  164  		return -EFAULT;
7ed1ee6118ae77 Al Viro 2010-03-23  165  	return 0;
7ed1ee6118ae77 Al Viro 2010-03-23  166  }
7ed1ee6118ae77 Al Viro 2010-03-23  167
:::::: The code at line 131 was first introduced by commit
:::::: c8b91accfa1059d5565443193d89572eca2f5dd6 clean statfs-like syscalls up
:::::: TO: Al Viro <viro@zeniv.linux.org.uk>
:::::: CC: Al Viro <viro@zeniv.linux.org.uk>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 31883 bytes --]