Re: [PATCH v3] bcachefs: Refactor memcpy into direct assignment

Wed, 18 Oct 2023 19:28:45 -0700 

On Wed, Oct 18, 2023 at 08:32:32PM -0400, Kent Overstreet wrote:
> On Wed, Oct 18, 2023 at 04:07:32PM -0700, Kees Cook wrote:
> > The memcpy() in bch2_bkey_append_ptr() is operating on an embedded fake
> > flexible array which looks to the compiler like it has 0 size. This
> > causes W=1 builds to emit warnings due to -Wstringop-overflow:
> > 
> >    In file included from include/linux/string.h:254,
> >                     from include/linux/bitmap.h:11,
> >                     from include/linux/cpumask.h:12,
> >                     from include/linux/smp.h:13,
> >                     from include/linux/lockdep.h:14,
> >                     from include/linux/radix-tree.h:14,
> >                     from include/linux/backing-dev-defs.h:6,
> >                     from fs/bcachefs/bcachefs.h:182:
> >    fs/bcachefs/extents.c: In function 'bch2_bkey_append_ptr':
> >    include/linux/fortify-string.h:57:33: warning: writing 8 bytes into a 
> > region of size 0 [-Wstringop-overflow=]
> >       57 | #define __underlying_memcpy     __builtin_memcpy
> >          |                                 ^
> >    include/linux/fortify-string.h:648:9: note: in expansion of macro 
> > '__underlying_memcpy'
> >      648 |         __underlying_##op(p, q, __fortify_size);                 
> >        \
> >          |         ^~~~~~~~~~~~~
> >    include/linux/fortify-string.h:693:26: note: in expansion of macro 
> > '__fortify_memcpy_chk'
> >      693 | #define memcpy(p, q, s)  __fortify_memcpy_chk(p, q, s,           
> >        \
> >          |                          ^~~~~~~~~~~~~~~~~~~~
> >    fs/bcachefs/extents.c:235:17: note: in expansion of macro 'memcpy'
> >      235 |                 memcpy((void *) &k->v + bkey_val_bytes(&k->k),
> >          |                 ^~~~~~
> >    fs/bcachefs/bcachefs_format.h:287:33: note: destination object 'v' of 
> > size 0
> >      287 |                 struct bch_val  v;
> >          |                                 ^
> > 
> > Avoid making any structure changes and just replace the u64 copy into a
> > direct assignment, side-stepping the entire problem.
> 
> This does make me wonder about the usefulness of the fortify source
> stuff if it can be sidestepped this way, but hey, I'll take it :)

Well, the "weird" cases like this are the ones that get attention. All
the places it's working more cleanly are very effectively stomping real
bugs.

> Pulled it into the testing branch, 
> https://evilpiepirate.org/~testdashboard/ci?branch=bcachefs-testing

Thanks!

-Kees

-- 
Kees Cook

Reply via email to