Buildresult: gustavoars/arm64-allmodconfig/arm64-gcc8 built on Jun 23 2021, 09:50
kisskb
Revisions
|
Branches
|
Compilers
|
Configs
|
Build Results
|
Build Failures
|
Status:
OK
Date/Time:
Jun 23 2021, 09:50
Duration:
0:33:55.329514
Builder:
blade46
Revision:
media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (
a73bbfba991f8bb5d1814affcf1f7642ca0cdd35)
Target:
gustavoars/arm64-allmodconfig/arm64-gcc8
Branch:
gustavoars
Compiler:
arm64-gcc8
(aarch64-linux-gcc (GCC) 8.1.0 / GNU ld (GNU Binutils) 2.30)
Config:
allmodconfig
(
download
)
Log:
Download original
Possible warnings (1)
lib/bitfield_kunit.c:93:1: warning: the frame size of 7456 bytes is larger than 2048 bytes [-Wframe-larger-than=]
Full Log
# git rev-parse -q --verify a73bbfba991f8bb5d1814affcf1f7642ca0cdd35^{commit} a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 already have revision, skipping fetch # git checkout -q -f -B kisskb a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 # git clean -qxdf # < git log -1 # commit a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 # Author: Gustavo A. R. Silva <gustavoars@kernel.org> # Date: Wed Mar 10 19:40:43 2021 -0600 # # media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() # # Rename struct sms_msg_data4 to sms_msg_data5 and increase the size of # its msg_data array from 4 to 5 elements. Notice that at some point # the 5th element of msg_data is being accessed in function # smscore_load_firmware_family2(): # # 1006 trigger_msg->msg_data[4] = 4; /* Task ID */ # # Also, there is no need for the object _trigger_msg_ of type struct # sms_msg_data *, when _msg_ can be used, directly. Notice that msg_data # in struct sms_msg_data is a one-element array, which causes multiple # out-of-bounds warnings when accessing beyond its first element # in function smscore_load_firmware_family2(): # # 992 struct sms_msg_data *trigger_msg = # 993 (struct sms_msg_data *) msg; # 994 # 995 pr_debug("sending MSG_SMS_SWDOWNLOAD_TRIGGER_REQ\n"); # 996 SMS_INIT_MSG(&msg->x_msg_header, # 997 MSG_SMS_SWDOWNLOAD_TRIGGER_REQ, # 998 sizeof(struct sms_msg_hdr) + # 999 sizeof(u32) * 5); # 1000 # 1001 trigger_msg->msg_data[0] = firmware->start_address; # 1002 /* Entry point */ # 1003 trigger_msg->msg_data[1] = 6; /* Priority */ # 1004 trigger_msg->msg_data[2] = 0x200; /* Stack size */ # 1005 trigger_msg->msg_data[3] = 0; /* Parameter */ # 1006 trigger_msg->msg_data[4] = 4; /* Task ID */ # # even when enough dynamic memory is allocated for _msg_: # # 929 /* PAGE_SIZE buffer shall be enough and dma aligned */ # 930 msg = kmalloc(PAGE_SIZE, GFP_KERNEL | coredev->gfp_buf_flags); # # but as _msg_ is casted to (struct sms_msg_data *): # # 992 struct sms_msg_data *trigger_msg = # 993 (struct sms_msg_data *) msg; # # the out-of-bounds warnings are actually valid and should be addressed. # # Fix this by declaring object _msg_ of type struct sms_msg_data5 *, # which contains a 5-elements array, instead of just 4. And use # _msg_ directly, instead of creating object trigger_msg. # # This helps with the ongoing efforts to enable -Warray-bounds by fixing # the following warnings: # # CC [M] drivers/media/common/siano/smscoreapi.o # drivers/media/common/siano/smscoreapi.c: In function ‘smscore_load_firmware_family2’: # drivers/media/common/siano/smscoreapi.c:1003:24: warning: array subscript 1 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1003 | trigger_msg->msg_data[1] = 6; /* Priority */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # drivers/media/common/siano/smscoreapi.c:1004:24: warning: array subscript 2 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1004 | trigger_msg->msg_data[2] = 0x200; /* Stack size */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # drivers/media/common/siano/smscoreapi.c:1005:24: warning: array subscript 3 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1005 | trigger_msg->msg_data[3] = 0; /* Parameter */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # drivers/media/common/siano/smscoreapi.c:1006:24: warning: array subscript 4 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds] # 1006 | trigger_msg->msg_data[4] = 4; /* Task ID */ # | ~~~~~~~~~~~~~~~~~~~~~^~~ # In file included from drivers/media/common/siano/smscoreapi.c:12: # drivers/media/common/siano/smscoreapi.h:619:6: note: while referencing ‘msg_data’ # 619 | u32 msg_data[1]; # | ^~~~~~~~ # # Fixes: 018b0c6f8acb ("[media] siano: make load firmware logic to work with newer firmwares") # Co-developed-by: Kees Cook <keescook@chromium.org> # Signed-off-by: Kees Cook <keescook@chromium.org> # Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux-ld --version # < git log --format=%s --max-count=1 a73bbfba991f8bb5d1814affcf1f7642ca0cdd35 # < make -s -j 32 ARCH=arm64 O=/kisskb/build/gustavoars_arm64-allmodconfig_arm64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux- allmodconfig # < make -s -j 32 ARCH=arm64 O=/kisskb/build/gustavoars_arm64-allmodconfig_arm64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux- help # make -s -j 32 ARCH=arm64 O=/kisskb/build/gustavoars_arm64-allmodconfig_arm64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux- olddefconfig # make -s -j 32 ARCH=arm64 O=/kisskb/build/gustavoars_arm64-allmodconfig_arm64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux- /kisskb/src/lib/bitfield_kunit.c: In function 'test_bitfields_constants': /kisskb/src/lib/bitfield_kunit.c:93:1: warning: the frame size of 7456 bytes is larger than 2048 bytes [-Wframe-larger-than=] } ^ Completed OK # rm -rf /kisskb/build/gustavoars_arm64-allmodconfig_arm64-gcc8 # Build took: 0:33:55.329514
© Michael Ellerman 2006-2018.