Subject: Re: [PATCH v2] Fix stringop-overflow warning in bug-regex19.c.
To: libc-alpha@sourceware.org
Cc: msebor@redhat.com
References: <20210517141936.4122773-1-stli@linux.ibm.com>
From: Stefan Liebler
Message-ID: <300dc26a-9024-5a28-f701-25da952a417e@linux.ibm.com>
Date: Tue, 18 May 2021 10:09:48 +0200
In-Reply-To: <20210517141936.4122773-1-stli@linux.ibm.com>

On 17/05/2021 16:19, Stefan Liebler wrote:
> Starting with commit
> 26492c0a14966c32c43cd6ca1d0dca5e62c6cfef
> "Annotate additional APIs with GCC attribute access.",
> gcc emits this warning on s390x:
> In function ‘do_one_test’,
> inlined from ‘do_mb_tests’ at bug-regex19.c:385:11:
> bug-regex19.c:271:9: error: ‘re_search’ specified size 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
> 271 | res = re_search (&regbuf, test->string, strlen (test->string),
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 272 | test->start, strlen (test->string) - test->start, NULL);
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In file included from ../include/regex.h:2,
> from bug-regex19.c:22:
> bug-regex19.c: In function ‘do_mb_tests’:
> ../posix/regex.h:554:17: note: in a call to function ‘re_search’ declared with attribute ‘read_only (2, 3)’
> 554 | extern regoff_t re_search (struct re_pattern_buffer *__buffer,
> | ^~~~~~~~~
> ...
>
> The function do_one_test is inlined into do_mb_tests on s390x (at least with
> gcc 10). If do_one_test is marked with __attribute__ ((noinline)), there are
> no warnings on s390x. If do_one_test is marked with
> __attribute__ ((always_inline)), there are the same warnings on x86_64.
>
> test->string points to a variable length array on stack of do_mb_tests
> and the content is generated based on the passed test struct.
>
> According to Martin Sebor, this is a false positive caused by the same bug as
> the one in nss/makedb.c. It's fixed in GCC 11 and will also be available in
> the next GCC 10.4 release.
> ---
> posix/bug-regex19.c | 19 +++++++++++++++++++
> 1 file changed, 19 insertions(+)
>
> diff --git a/posix/bug-regex19.c b/posix/bug-regex19.c > index 9bbffb17e3..b3fee0a730 100644 > --- a/posix/bug-regex19.c > +++ b/posix/bug-regex19.c > @@ -24,6 +24,7 @@ > #include > #include > #include > +#include > > #define BRE RE_SYNTAX_POSIX_BASIC > #define ERE RE_SYNTAX_POSIX_EXTENDED 
> @@ -268,8 +269,17 @@ do_one_test (const struct test_s *test, const char *fail) > return 1; > } > > +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) > + DIAG_PUSH_NEEDS_COMMENT; > + /* Avoid GCC 10 false positive warning: specified size exceeds maximum > + object size. */ > + DIAG_IGNORE_NEEDS_COMMENT (10, "-Wstringop-overflow"); > +#endif > res = re_search (®buf, test->string, strlen (test->string), > test->start, strlen (test->string) - test->start, NULL); > +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) > + DIAG_POP_NEEDS_COMMENT; > +#endif > if (res != test->res) > { > printf ("%sre_search \"%s\" \"%s\" failed: %d (expected %d)\n", > @@ -280,8 +290,17 @@ do_one_test (const struct test_s *test, const char *fail) > > if (test->res > 0 && test->start == 0) > { > +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) > + DIAG_PUSH_NEEDS_COMMENT; > + /* Avoid GCC 10 false positive warning: specified size exceeds maximum > + object size. */ > + DIAG_IGNORE_NEEDS_COMMENT (10, "-Wstringop-overflow"); > +#endif > res = re_search (®buf, test->string, strlen (test->string), > test->res, strlen (test->string) - test->res, NULL); > +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) > + DIAG_POP_NEEDS_COMMENT; > +#endif > if (res != test->res) > { > printf ("%sre_search from expected \"%s\" \"%s\" failed: %d (expected %d)\n", >

Committed after response from Martin:
https://sourceware.org/pipermail/libc-alpha/2021-May/126416.html

Thanks,
Stefan
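
Review bot: In the hunk at @@ -268,8 +269,17 @@, the comment above DIAG_IGNORE_NEEDS_COMMENT says only "Avoid GCC 10 false positive warning" and gives no pointer to when the suppression can be dropped. The commit message says the fix is in GCC 11 and will be in GCC 10.4, while the guard `__GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0)` keeps -Wstringop-overflow disabled for every GCC 10 release, 10.4 included. Suggest putting that version information in the code comment so the guard's upper bound is explained next to it. The push/pop scoping to the single re_search statement is the right width and should stay that narrow.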
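
Review bot: The guard added around the second re_search call in the hunk at @@ -280,8 +290,17 @@ duplicates the block from the previous hunk line for line, comment included. Consider carrying the DIAG_PUSH_NEEDS_COMMENT / DIAG_IGNORE_NEEDS_COMMENT / DIAG_POP_NEEDS_COMMENT sequence once, for example in a small static wrapper that takes the start and range arguments, so the suppression and its version guard live in one place and can be removed in one place once GCC 10 is no longer a concern.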