| Message ID | 20240326145348.3318887-1-arnd@kernel.org |
|---|---|
| State | New |
| Headers | show |
| Series | kbuild: enable some -Wextra warnings by default | expand |
On 3/26/24 23:53, Arnd Bergmann wrote: > From: Arnd Bergmann <arnd@arndb.de> > > gcc warns about a memcpy() with overlapping pointers because of an > incorrect size calculation: > > In file included from include/linux/string.h:369, > from drivers/ata/sata_sx4.c:66: > In function 'memcpy_fromio', > inlined from 'pdc20621_get_from_dimm.constprop' at drivers/ata/sata_sx4.c:962:2: > include/linux/fortify-string.h:97:33: error: '__builtin_memcpy' accessing 4294934464 bytes at offsets 0 and [16, 16400] overlaps 6442385281 bytes at offset -2147450817 [-Werror=restrict] > 97 | #define __underlying_memcpy __builtin_memcpy > | ^ > include/linux/fortify-string.h:620:9: note: in expansion of macro '__underlying_memcpy' > 620 | __underlying_##op(p, q, __fortify_size); \ > | ^~~~~~~~~~~~~ > include/linux/fortify-string.h:665:26: note: in expansion of macro '__fortify_memcpy_chk' > 665 | #define memcpy(p, q, s) __fortify_memcpy_chk(p, q, s, \ > | ^~~~~~~~~~~~~~~~~~~~ > include/asm-generic/io.h:1184:9: note: in expansion of macro 'memcpy' > 1184 | memcpy(buffer, __io_virt(addr), size); > | ^~~~~~ > > The problem here is the overflow of an unsigned 32-bit number to a > negative that gets converted into a signed 'long', keeping a large > positive number. > > Replace the complex calculation with a more readable min() variant > that avoids the warning. > > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") That is old :) > Signed-off-by: Arnd Bergmann <arnd@arndb.de> Looks good to me. I can take the patch through libata tree, unless you prefer taking the whole series ? In case it is the latter: Acked-by: Damien Le Moal <dlemoal@kernel.org>
On Wed, Mar 27, 2024, at 02:36, Damien Le Moal wrote: > On 3/26/24 23:53, Arnd Bergmann wrote: > >> Signed-off-by: Arnd Bergmann <arnd@arndb.de> > > Looks good to me. I can take the patch through libata tree, unless you prefer > taking the whole series ? Please merge it through your tree. > In case it is the latter: > > Acked-by: Damien Le Moal <dlemoal@kernel.org> > Thanks, Arnd
On 3/28/24 05:21, Arnd Bergmann wrote: > On Wed, Mar 27, 2024, at 02:36, Damien Le Moal wrote: >> On 3/26/24 23:53, Arnd Bergmann wrote: >> >>> Signed-off-by: Arnd Bergmann <arnd@arndb.de> >> >> Looks good to me. I can take the patch through libata tree, unless you prefer >> taking the whole series ? > > Please merge it through your tree. Applied to for-6.9-fixes with a fixed up patch title prefix ("ata: sata_sx4: ..."). Thanks ! > >> In case it is the latter: >> >> Acked-by: Damien Le Moal <dlemoal@kernel.org> >> > > Thanks, > > Arnd
diff --git a/drivers/ata/sata_sx4.c b/drivers/ata/sata_sx4.c index b51d7a9d0d90..a482741eb181 100644 --- a/drivers/ata/sata_sx4.c +++ b/drivers/ata/sata_sx4.c @@ -957,8 +957,7 @@ static void pdc20621_get_from_dimm(struct ata_host *host, void *psource, offset -= (idx * window_size); idx++; - dist = ((long) (window_size - (offset + size))) >= 0 ? size : - (long) (window_size - offset); + dist = min(size, window_size - offset); memcpy_fromio(psource, dimm_mmio + offset / 4, dist); psource += dist; @@ -1005,8 +1004,7 @@ static void pdc20621_put_to_dimm(struct ata_host *host, void *psource, readl(mmio + PDC_DIMM_WINDOW_CTLR); offset -= (idx * window_size); idx++; - dist = ((long)(s32)(window_size - (offset + size))) >= 0 ? size : - (long) (window_size - offset); + dist = min(size, window_size - offset); memcpy_toio(dimm_mmio + offset / 4, psource, dist); writel(0x01, mmio + PDC_GENERAL_CTLR); readl(mmio + PDC_GENERAL_CTLR);