Hi Kees, kernel test robot noticed the following build warnings: [auto build test WARNING on kees/for-next/hardening] [also build test WARNING on kees/for-next/pstore kees/for-next/kspp linus/master tip/x86/core v6.3-rc5 next-20230406] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Kees-Cook/kunit-tool-Enable-CONFIG_FORTIFY_SOURCE-under-UML/20230408-032959 base: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening patch link: https://lore.kernel.org/r/20230407192717.636137-9-keescook%40chromium.org patch subject: [PATCH v2 09/10] fortify: Add KUnit tests for runtime overflows config: openrisc-randconfig-r034-20230405 (https://download.01.org/0day-ci/archive/20230408/202304080811.nYP4KpPZ-lkp@xxxxxxxxx/config) compiler: or1k-linux-gcc (GCC) 12.1.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/intel-lab-lkp/linux/commit/d212962ef7682ee160bf38fa455475558f031759 git remote add linux-review https://github.com/intel-lab-lkp/linux git fetch --no-tags linux-review Kees-Cook/kunit-tool-Enable-CONFIG_FORTIFY_SOURCE-under-UML/20230408-032959 git checkout d212962ef7682ee160bf38fa455475558f031759 # save the config file mkdir build_dir && cp config build_dir/.config COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=openrisc olddefconfig COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=openrisc SHELL=/bin/bash lib/ If you fix the issue, kindly add following tag where applicable | Reported-by: kernel test robot <lkp@xxxxxxxxx> | Link: https://lore.kernel.org/oe-kbuild-all/202304080811.nYP4KpPZ-lkp@xxxxxxxxx/ All warnings (new ones prefixed by >>): In file included from lib/fortify_kunit.c:28: lib/fortify_kunit.c: In function 'strnlen_test': >> lib/fortify_kunit.c:412:31: warning: 'strnlen' specified bound 33 exceeds source size 32 [-Wstringop-overread] 412 | KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end + 1), end); include/kunit/test.h:584:38: note: in definition of macro 'KUNIT_BASE_BINARY_ASSERTION' 584 | const typeof(left) __left = (left); \ | ^~~~ include/kunit/test.h:776:9: note: in expansion of macro 'KUNIT_BINARY_INT_ASSERTION' 776 | KUNIT_BINARY_INT_ASSERTION(test, \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~ include/kunit/test.h:773:9: note: in expansion of macro 'KUNIT_EXPECT_EQ_MSG' 773 | KUNIT_EXPECT_EQ_MSG(test, left, right, NULL) | ^~~~~~~~~~~~~~~~~~~ lib/fortify_kunit.c:412:9: note: in expansion of macro 'KUNIT_EXPECT_EQ' 412 | KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end + 1), end); | ^~~~~~~~~~~~~~~ lib/fortify_kunit.c:359:14: note: source object allocated here 359 | char buf[32]; | ^~~ lib/fortify_kunit.c:414:31: warning: 'strnlen' specified bound 34 exceeds source size 32 [-Wstringop-overread] 414 | KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end + 2), end); include/kunit/test.h:584:38: note: in definition of macro 'KUNIT_BASE_BINARY_ASSERTION' 584 | const typeof(left) __left = (left); \ | ^~~~ include/kunit/test.h:776:9: note: in expansion of macro 'KUNIT_BINARY_INT_ASSERTION' 776 | KUNIT_BINARY_INT_ASSERTION(test, \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~ include/kunit/test.h:773:9: note: in expansion of macro 'KUNIT_EXPECT_EQ_MSG' 773 | KUNIT_EXPECT_EQ_MSG(test, left, right, NULL) | ^~~~~~~~~~~~~~~~~~~ lib/fortify_kunit.c:414:9: note: in expansion of macro 'KUNIT_EXPECT_EQ' 414 | KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end + 2), end); | ^~~~~~~~~~~~~~~ lib/fortify_kunit.c:359:14: note: source object allocated here 359 | char buf[32]; | ^~~ vim +/strnlen +412 lib/fortify_kunit.c 387 388 static void strnlen_test(struct kunit *test) 389 { 390 struct fortify_padding pad = { }; 391 int i, end = sizeof(pad.buf) - 1; 392 393 /* Fill 31 bytes with valid characters. */ 394 for (i = 0; i < sizeof(pad.buf) - 1; i++) 395 pad.buf[i] = i + '0'; 396 /* Trailing bytes are still %NUL. */ 397 KUNIT_EXPECT_EQ(test, pad.buf[end], '\0'); 398 KUNIT_EXPECT_EQ(test, pad.bytes_after, 0); 399 400 /* String is terminated, so strnlen() is valid. */ 401 KUNIT_EXPECT_EQ(test, strnlen(pad.buf, sizeof(pad.buf)), end); 402 KUNIT_EXPECT_EQ(test, fortify_read_overflows, 0); 403 /* A truncated strnlen() will be safe, too. */ 404 KUNIT_EXPECT_EQ(test, strnlen(pad.buf, sizeof(pad.buf) / 2), 405 sizeof(pad.buf) / 2); 406 KUNIT_EXPECT_EQ(test, fortify_read_overflows, 0); 407 408 /* Make string unterminated, and recount. */ 409 pad.buf[end] = 'A'; 410 end = sizeof(pad.buf); 411 /* Reading beyond with strncpy() will fail. */ > 412 KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end + 1), end); 413 KUNIT_EXPECT_EQ(test, fortify_read_overflows, 1); 414 KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end + 2), end); 415 KUNIT_EXPECT_EQ(test, fortify_read_overflows, 2); 416 417 /* Early-truncated is safe still, though. */ 418 KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end), end); 419 KUNIT_EXPECT_EQ(test, fortify_read_overflows, 2); 420 421 end = sizeof(pad.buf) / 2; 422 KUNIT_EXPECT_EQ(test, strnlen(pad.buf, end), end); 423 KUNIT_EXPECT_EQ(test, fortify_read_overflows, 2); 424 } 425 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests
