Hi Colin, kernel test robot noticed the following build errors:
[auto build test ERROR on kees/for-next/hardening] [also build test ERROR on kees/for-next/pstore kees/for-next/kspp linus/master v6.16-rc3 next-20250626] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Colin-Ian-King/fortify-add-branch-hints-on-unlikely-fortify_panic-paths/20250626-001527 base: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening patch link: https://lore.kernel.org/r/20250625161221.295575-1-colin.i.king%40gmail.com patch subject: [PATCH][next] fortify: add branch hints on unlikely fortify_panic paths config: x86_64-buildonly-randconfig-001-20250627 (https://download.01.org/0day-ci/archive/20250627/202506270832.qj2ekscw-...@intel.com/config) compiler: clang version 20.1.7 (https://github.com/llvm/llvm-project 6146a88f60492b520a36f8f8f3231e15f3cc6082) reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250627/202506270832.qj2ekscw-...@intel.com/reproduce) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <l...@intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202506270832.qj2ekscw-...@intel.com/ All error/warnings (new ones prefixed by >>): In file included from scripts/mod/devicetable-offsets.c:3: In file included from include/linux/mod_devicetable.h:14: In file included from include/linux/uuid.h:11: In file included from include/linux/string.h:392: >> include/linux/fortify-string.h:596:6: warning: non-constant static local >> variable in inline function may be different in different files >> [-Wstatic-local-in-inline] 596 | if (unlikely(p_size != SIZE_MAX && p_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ In file included from scripts/mod/devicetable-offsets.c:3: In file included from include/linux/mod_devicetable.h:14: In file included from include/linux/uuid.h:11: In file included from include/linux/string.h:392: include/linux/fortify-string.h:598:11: warning: non-constant static local variable in inline function may be different in different files [-Wstatic-local-in-inline] 598 | else if (unlikely(q_size != SIZE_MAX && q_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ 2 warnings generated. -- In file included from lib/locking-selftest.c:14: In file included from include/linux/rwsem.h:15: In file included from include/linux/spinlock.h:59: In file included from include/linux/irqflags.h:18: In file included from arch/x86/include/asm/irqflags.h:102: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: >> include/linux/fortify-string.h:596:6: warning: non-constant static local >> variable in inline function may be different in different files >> [-Wstatic-local-in-inline] 596 | if (unlikely(p_size != SIZE_MAX && p_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ In file included from lib/locking-selftest.c:14: In file included from include/linux/rwsem.h:15: In file included from include/linux/spinlock.h:59: In file included from include/linux/irqflags.h:18: In file included from arch/x86/include/asm/irqflags.h:102: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: include/linux/fortify-string.h:598:11: warning: non-constant static local variable in inline function may be different in different files [-Wstatic-local-in-inline] 598 | else if (unlikely(q_size != SIZE_MAX && q_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ lib/locking-selftest.c:2510:1: warning: unused function 'class_HARDIRQ_lock_ptr' [-Wunused-function] 2510 | DEFINE_LOCK_GUARD_0(HARDIRQ, HARDIRQ_ENTER(), HARDIRQ_EXIT()) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:432:49: note: expanded from macro 'DEFINE_LOCK_GUARD_0' 432 | __DEFINE_CLASS_IS_CONDITIONAL(_name, false); \ | ^ 433 | __DEFINE_UNLOCK_GUARD(_name, void, _unlock, __VA_ARGS__) \ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:406:10: note: expanded from macro '\ __DEFINE_UNLOCK_GUARD' 406 | \ | ^ 407 | __DEFINE_GUARD_LOCK_PTR(_name, &_T->lock) | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:314:23: note: expanded from macro '\ __DEFINE_GUARD_LOCK_PTR' 314 | static inline void * class_##_name##_lock_ptr(class_##_name##_t *_T) \ | ^~~~~~~~~~~~~~~~~~~~~~~~ <scratch space>:21:1: note: expanded from here 21 | class_HARDIRQ_lock_ptr | ^~~~~~~~~~~~~~~~~~~~~~ lib/locking-selftest.c:2511:1: warning: unused function 'class_NOTTHREADED_HARDIRQ_lock_ptr' [-Wunused-function] 2511 | DEFINE_LOCK_GUARD_0(NOTTHREADED_HARDIRQ, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2512 | do { | ~~~~ 2513 | local_irq_disable(); | ~~~~~~~~~~~~~~~~~~~~ 2514 | __irq_enter(); | ~~~~~~~~~~~~~~ 2515 | WARN_ON(!in_irq()); | ~~~~~~~~~~~~~~~~~~~ 2516 | } while(0), HARDIRQ_EXIT()) | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:432:49: note: expanded from macro 'DEFINE_LOCK_GUARD_0' 432 | __DEFINE_CLASS_IS_CONDITIONAL(_name, false); \ | ^ 433 | __DEFINE_UNLOCK_GUARD(_name, void, _unlock, __VA_ARGS__) \ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:406:10: note: expanded from macro '\ __DEFINE_UNLOCK_GUARD' 406 | \ | ^ 407 | __DEFINE_GUARD_LOCK_PTR(_name, &_T->lock) | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:314:23: note: expanded from macro '\ __DEFINE_GUARD_LOCK_PTR' 314 | static inline void * class_##_name##_lock_ptr(class_##_name##_t *_T) \ | ^~~~~~~~~~~~~~~~~~~~~~~~ <scratch space>:105:1: note: expanded from here 105 | class_NOTTHREADED_HARDIRQ_lock_ptr | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/locking-selftest.c:2517:1: warning: unused function 'class_SOFTIRQ_lock_ptr' [-Wunused-function] 2517 | DEFINE_LOCK_GUARD_0(SOFTIRQ, SOFTIRQ_ENTER(), SOFTIRQ_EXIT()) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:432:49: note: expanded from macro 'DEFINE_LOCK_GUARD_0' 432 | __DEFINE_CLASS_IS_CONDITIONAL(_name, false); \ | ^ 433 | __DEFINE_UNLOCK_GUARD(_name, void, _unlock, __VA_ARGS__) \ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:406:10: note: expanded from macro '\ __DEFINE_UNLOCK_GUARD' 406 | \ | ^ 407 | __DEFINE_GUARD_LOCK_PTR(_name, &_T->lock) | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/cleanup.h:314:23: note: expanded from macro '\ __DEFINE_GUARD_LOCK_PTR' 314 | static inline void * class_##_name##_lock_ptr(class_##_name##_t *_T) \ | ^~~~~~~~~~~~~~~~~~~~~~~~ <scratch space>:125:1: note: expanded from here 125 | class_SOFTIRQ_lock_ptr | ^~~~~~~~~~~~~~~~~~~~~~ lib/locking-selftest.c:2520:1: warning: unused function 'class_RCU_lock_ptr' [-Wunused-function] -- In file included from lib/test_bitops.c:10: In file included from include/linux/module.h:13: In file included from include/linux/stat.h:19: In file included from include/linux/time.h:60: In file included from include/linux/time32.h:13: In file included from include/linux/timex.h:67: In file included from arch/x86/include/asm/timex.h:5: In file included from arch/x86/include/asm/processor.h:19: In file included from arch/x86/include/asm/cpuid/api.h:57: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: >> include/linux/fortify-string.h:596:6: error: non-constant static local >> variable in inline function may be different in different files >> [-Werror,-Wstatic-local-in-inline] 596 | if (unlikely(p_size != SIZE_MAX && p_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ In file included from lib/test_bitops.c:10: In file included from include/linux/module.h:13: In file included from include/linux/stat.h:19: In file included from include/linux/time.h:60: In file included from include/linux/time32.h:13: In file included from include/linux/timex.h:67: In file included from arch/x86/include/asm/timex.h:5: In file included from arch/x86/include/asm/processor.h:19: In file included from arch/x86/include/asm/cpuid/api.h:57: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: include/linux/fortify-string.h:598:11: error: non-constant static local variable in inline function may be different in different files [-Werror,-Wstatic-local-in-inline] 598 | else if (unlikely(q_size != SIZE_MAX && q_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ 2 errors generated. -- In file included from lib/test_maple_tree.c:10: In file included from include/linux/maple_tree.h:12: In file included from include/linux/rcupdate.h:26: In file included from include/linux/irqflags.h:18: In file included from arch/x86/include/asm/irqflags.h:102: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: >> include/linux/fortify-string.h:596:6: warning: non-constant static local >> variable in inline function may be different in different files >> [-Wstatic-local-in-inline] 596 | if (unlikely(p_size != SIZE_MAX && p_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ In file included from lib/test_maple_tree.c:10: In file included from include/linux/maple_tree.h:12: In file included from include/linux/rcupdate.h:26: In file included from include/linux/irqflags.h:18: In file included from arch/x86/include/asm/irqflags.h:102: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: include/linux/fortify-string.h:598:11: warning: non-constant static local variable in inline function may be different in different files [-Wstatic-local-in-inline] 598 | else if (unlikely(q_size != SIZE_MAX && q_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ lib/test_maple_tree.c:212:26: warning: unused function 'not_empty' [-Wunused-function] 212 | static inline __init int not_empty(struct maple_node *node) | ^~~~~~~~~ 3 warnings generated. -- In file included from lib/tests/stackinit_kunit.c:14: In file included from include/kunit/test.h:22: In file included from include/linux/kref.h:16: In file included from include/linux/spinlock.h:59: In file included from include/linux/irqflags.h:18: In file included from arch/x86/include/asm/irqflags.h:102: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: >> include/linux/fortify-string.h:596:6: warning: non-constant static local >> variable in inline function may be different in different files >> [-Wstatic-local-in-inline] 596 | if (unlikely(p_size != SIZE_MAX && p_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ In file included from lib/tests/stackinit_kunit.c:14: In file included from include/kunit/test.h:22: In file included from include/linux/kref.h:16: In file included from include/linux/spinlock.h:59: In file included from include/linux/irqflags.h:18: In file included from arch/x86/include/asm/irqflags.h:102: In file included from arch/x86/include/asm/paravirt.h:21: In file included from include/linux/cpumask.h:12: In file included from include/linux/bitmap.h:13: In file included from include/linux/string.h:392: include/linux/fortify-string.h:598:11: warning: non-constant static local variable in inline function may be different in different files [-Wstatic-local-in-inline] 598 | else if (unlikely(q_size != SIZE_MAX && q_size < size)) | ^ include/linux/compiler.h:47:24: note: expanded from macro 'unlikely' 47 | # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) | ^ include/linux/compiler.h:24:4: note: expanded from macro '__branch_check__' 24 | static struct ftrace_likely_data \ | ^ lib/tests/stackinit_kunit.c:441:1: warning: initializer overrides prior initialization of this subobject [-Winitializer-overrides] 441 | DEFINE_UNION_INITIALIZER_TESTS(static, STRONG_PASS); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:421:3: note: expanded from macro 'DEFINE_UNION_INITIALIZER_TESTS' 421 | DEFINE_UNION_TESTS(base ## _ ## all, xfail) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:424:3: note: expanded from macro 'DEFINE_UNION_TESTS' 424 | DEFINE_UNION_TEST(same_sizes, init, xfail); \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:403:3: note: expanded from macro 'DEFINE_UNION_TEST' 403 | DEFINE_TEST(name ## _ ## init, \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 404 | union test_ ## name, STRUCT, init, \ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 405 | xfail) | ~~~~~~ note: (skipping 1 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) <scratch space>:20:1: note: expanded from here 20 | INIT_STRUCT_static_all | ^ lib/tests/stackinit_kunit.c:137:8: note: expanded from macro 'INIT_STRUCT_static_all' 137 | = __static_all | ^~~~~~~~~~~~ lib/tests/stackinit_kunit.c:118:8: note: expanded from macro '__static_all' 118 | .two = 0, \ | ^~~~~~~~ lib/tests/stackinit_kunit.c:441:1: note: previous initialization is here 441 | DEFINE_UNION_INITIALIZER_TESTS(static, STRONG_PASS); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:421:3: note: expanded from macro 'DEFINE_UNION_INITIALIZER_TESTS' 421 | DEFINE_UNION_TESTS(base ## _ ## all, xfail) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:424:3: note: expanded from macro 'DEFINE_UNION_TESTS' 424 | DEFINE_UNION_TEST(same_sizes, init, xfail); \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:403:3: note: expanded from macro 'DEFINE_UNION_TEST' 403 | DEFINE_TEST(name ## _ ## init, \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 404 | union test_ ## name, STRUCT, init, \ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 405 | xfail) | ~~~~~~ note: (skipping 1 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) <scratch space>:20:1: note: expanded from here 20 | INIT_STRUCT_static_all | ^ lib/tests/stackinit_kunit.c:137:8: note: expanded from macro 'INIT_STRUCT_static_all' 137 | = __static_all | ^~~~~~~~~~~~ lib/tests/stackinit_kunit.c:117:33: note: expanded from macro '__static_all' 117 | #define __static_all { .one = 0, \ | ^ lib/tests/stackinit_kunit.c:441:1: warning: initializer overrides prior initialization of this subobject [-Winitializer-overrides] 441 | DEFINE_UNION_INITIALIZER_TESTS(static, STRONG_PASS); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:421:3: note: expanded from macro 'DEFINE_UNION_INITIALIZER_TESTS' 421 | DEFINE_UNION_TESTS(base ## _ ## all, xfail) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:424:3: note: expanded from macro 'DEFINE_UNION_TESTS' 424 | DEFINE_UNION_TEST(same_sizes, init, xfail); \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ lib/tests/stackinit_kunit.c:403:3: note: expanded from macro 'DEFINE_UNION_TEST' 403 | DEFINE_TEST(name ## _ ## init, \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 404 | union test_ ## name, STRUCT, init, \ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 405 | xfail) | ~~~~~~ note: (skipping 1 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) <scratch space>:20:1: note: expanded from here 20 | INIT_STRUCT_static_all | ^ lib/tests/stackinit_kunit.c:137:8: note: expanded from macro 'INIT_STRUCT_static_all' .. vim +596 include/linux/fortify-string.h 515 516 /* 517 * To make sure the compiler can enforce protection against buffer overflows, 518 * memcpy(), memmove(), and memset() must not be used beyond individual 519 * struct members. If you need to copy across multiple members, please use 520 * struct_group() to create a named mirror of an anonymous struct union. 521 * (e.g. see struct sk_buff.) Read overflow checking is currently only 522 * done when a write overflow is also present, or when building with W=1. 523 * 524 * Mitigation coverage matrix 525 * Bounds checking at: 526 * +-------+-------+-------+-------+ 527 * | Compile time | Run time | 528 * memcpy() argument sizes: | write | read | write | read | 529 * dest source length +-------+-------+-------+-------+ 530 * memcpy(known, known, constant) | y | y | n/a | n/a | 531 * memcpy(known, unknown, constant) | y | n | n/a | V | 532 * memcpy(known, known, dynamic) | n | n | B | B | 533 * memcpy(known, unknown, dynamic) | n | n | B | V | 534 * memcpy(unknown, known, constant) | n | y | V | n/a | 535 * memcpy(unknown, unknown, constant) | n | n | V | V | 536 * memcpy(unknown, known, dynamic) | n | n | V | B | 537 * memcpy(unknown, unknown, dynamic) | n | n | V | V | 538 * +-------+-------+-------+-------+ 539 * 540 * y = perform deterministic compile-time bounds checking 541 * n = cannot perform deterministic compile-time bounds checking 542 * n/a = no run-time bounds checking needed since compile-time deterministic 543 * B = can perform run-time bounds checking (currently unimplemented) 544 * V = vulnerable to run-time overflow (will need refactoring to solve) 545 * 546 */ 547 __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_t size, 548 const size_t p_size, 549 const size_t q_size, 550 const size_t p_size_field, 551 const size_t q_size_field, 552 const u8 func) 553 { 554 if (__builtin_constant_p(size)) { 555 /* 556 * Length argument is a constant expression, so we 557 * can perform compile-time bounds checking where 558 * buffer sizes are also known at compile time. 559 */ 560 561 /* Error when size is larger than enclosing struct. */ 562 if (__compiletime_lessthan(p_size_field, p_size) && 563 __compiletime_lessthan(p_size, size)) 564 __write_overflow(); 565 if (__compiletime_lessthan(q_size_field, q_size) && 566 __compiletime_lessthan(q_size, size)) 567 __read_overflow2(); 568 569 /* Warn when write size argument larger than dest field. */ 570 if (__compiletime_lessthan(p_size_field, size)) 571 __write_overflow_field(p_size_field, size); 572 /* 573 * Warn for source field over-read when building with W=1 574 * or when an over-write happened, so both can be fixed at 575 * the same time. 576 */ 577 if ((IS_ENABLED(KBUILD_EXTRA_WARN1) || 578 __compiletime_lessthan(p_size_field, size)) && 579 __compiletime_lessthan(q_size_field, size)) 580 __read_overflow2_field(q_size_field, size); 581 } 582 /* 583 * At this point, length argument may not be a constant expression, 584 * so run-time bounds checking can be done where buffer sizes are 585 * known. (This is not an "else" because the above checks may only 586 * be compile-time warnings, and we want to still warn for run-time 587 * overflows.) 588 */ 589 590 /* 591 * Always stop accesses beyond the struct that contains the 592 * field, when the buffer's remaining size is known. 593 * (The SIZE_MAX test is to optimize away checks where the buffer 594 * lengths are unknown.) 595 */ > 596 if (unlikely(p_size != SIZE_MAX && p_size < size)) 597 fortify_panic(func, FORTIFY_WRITE, p_size, size, true); 598 else if (unlikely(q_size != SIZE_MAX && q_size < size)) 599 fortify_panic(func, FORTIFY_READ, p_size, size, true); 600 601 /* 602 * Warn when writing beyond destination field size. 603 * 604 * Note the implementation of __builtin_*object_size() behaves 605 * like sizeof() when not directly referencing a flexible 606 * array member, which means there will be many bounds checks 607 * that will appear at run-time, without a way for them to be 608 * detected at compile-time (as can be done when the destination 609 * is specifically the flexible array member). 610 * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101832 611 */ 612 if (p_size_field != SIZE_MAX && 613 p_size != p_size_field && p_size_field < size) 614 return true; 615 616 return false; 617 } 618 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki
