From: John Stultz
Date: Thu, 2 Feb 2023 10:56:29 -0800
Subject: Re: [PATCH 5/6] driver core: Add __alloc_size hint to devm allocators
To: Kees Cook
Cc: Yongqin Liu, Vlastimil Babka, Greg Kroah-Hartman, Rasmus Villemoes,
    Thomas Gleixner, Jason Gunthorpe, Nishanth Menon, Michael Kelley,
    Dan Williams, Won Chung, David Gow, Christoph Lameter, Pekka Enberg,
    David Rientjes, Joonsoo Kim, Roman Gushchin,
    Hyeonggon Yoo <42.hyeyoo@gmail.com>, Guenter Roeck, Andy Shevchenko,
    Paolo Abeni, Geert Uytterhoeven, Nathan Chancellor, Nick Desaulniers,
    Tom Rix, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
    linux-hardening@vger.kernel.org, llvm@lists.linux.dev, Sumit Semwal

On Thu, Feb 2, 2023 at 9:18 AM Kees Cook wrote:
> On Wed, Feb 01, 2023 at 12:11:41AM -0800, John Stultz wrote:
> > On Tue, Jan 31, 2023 at 11:36 PM Yongqin Liu wrote:
> > > This change causes "Kernel panic - not syncing: BRK handler: Fatal exception"
> > > for the android-mainline based hikey960 build, with this commit reverted,
> > > there is no problem for the build to boot to the homescreen.
> > > Not sure if you have any idea about it and give some suggestions.
> > >
> > > Here is part of the kernel panic log:
...
> > Here as nr_sensors=1, we allocate only one structure for the array.
> > But then below that, we modify two entries, writing past the valid
> > array, and corrupting data when writing the second sensor values.
> >
> >     data->sensor[0].id = HI3660_BIG_SENSOR;
> >     data->sensor[0].irq_name = "tsensor_a73";
> >     data->sensor[0].data = data;
> >
> >     data->sensor[1].id = HI3660_LITTLE_SENSOR;
> >     data->sensor[1].irq_name = "tsensor_a53";
> >     data->sensor[1].data = data;
> >
> > I suspect nr_sensors needs to be set to 2.
> >
> > Nice work, Kees!
>
> Yay for compilers! :)

Well, I know it's not trivial to make the compilers catch these things,
so yay for you and others putting in all the effort on this as well.

That said, making sense of the error message isn't completely trivial either.
I've been seeing a few cases recently of some of the new compiler
tooling (I pinged you earlier on a CFI one) causing errors that
developers aren't really sure how to address. I know sometimes it's not
easy to surface the errors with context to what was wrong, but at the
risk of intense bike shedding, is there some way to provide something
like "Likely array bounds error" instead of just "BRK handler: Fatal
exception"?

> Was a patch sent to fix this driver?

I think YongQin is looking into it (either setting the nr_sensors value
to 2 or dropping the second sensor access).

thanks
-john
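
The out-of-bounds write diagnosed in the quoted text above, reduced to a user-space C program and added here as an example; it is not code from the thread or from the kernel driver. The struct layouts, the enum values, and the names zalloc_array, set_sensor and probe are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed values; only the names appear in the thread. */
enum { HI3660_BIG_SENSOR = 1, HI3660_LITTLE_SENSOR = 2 };

/* Hypothetical structures modelled on the fields in the quoted snippet. */
struct sensor { int id; const char *irq_name; void *data; };
struct thermal_data { size_t nr_sensors; struct sensor *sensor; };

/* Stand-in for a devm allocator. alloc_size(1, 2) is the compiler attribute
 * behind the kernel's __alloc_size: the result is n * size bytes long. */
__attribute__((alloc_size(1, 2)))
static void *zalloc_array(size_t n, size_t size)
{
    return calloc(n, size);
}

/* Checked write: refuse an index the allocation does not cover. */
static int set_sensor(struct thermal_data *d, size_t idx, int id,
                      const char *irq_name)
{
    if (idx >= d->nr_sensors)
        return -1;
    d->sensor[idx].id = id;
    d->sensor[idx].irq_name = irq_name;
    d->sensor[idx].data = d;
    return 0;
}

/* Mirrors the quoted setup: allocate nr_sensors entries, then fill two.
 * Returns how many writes were refused, or -1 if allocation failed. */
static int probe(size_t nr_sensors)
{
    struct thermal_data d = { .nr_sensors = nr_sensors };
    int refused = 0;

    d.sensor = zalloc_array(nr_sensors, sizeof(*d.sensor));
    if (!d.sensor)
        return -1;
    refused += set_sensor(&d, 0, HI3660_BIG_SENSOR, "tsensor_a73") != 0;
    refused += set_sensor(&d, 1, HI3660_LITTLE_SENSOR, "tsensor_a53") != 0;
    free(d.sensor);
    return refused;
}

int main(void)
{
    printf("nr_sensors=1: %d refused\n", probe(1));
    printf("nr_sensors=2: %d refused\n", probe(2));
    return 0;
}
```

The refusals here come from the explicit index check, so the result does not depend on compiler or optimisation level; the attribute only records the size the compiler is allowed to assume.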