Re: [PATCH v2] Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}()

On 09/10/2024 14:14, Andrej Shadura wrote:
> Commit 9bf4e919ccad worked around an issue introduced after an
> innocuous optimisation change in LLVM main:
> 
>> len is defined as an 'int' because it is assigned from
>> '__user int *optlen'. However, it is clamped against the result of
>> sizeof(), which has a type of 'size_t' ('unsigned long' for 64-bit
>> platforms). This is done with min_t() because min() requires
>> compatible types, which results in both len and the result of
>> sizeof() being casted to 'unsigned int', meaning len changes signs
>> and the result of sizeof() is truncated. From there, len is passed
>> to copy_to_user(), which has a third parameter type of 'unsigned
>> long', so it is widened and changes signs again. This excessive
>> casting in combination with the KCSAN instrumentation causes LLVM to
>> fail to eliminate the __bad_copy_from() call, failing the build.
> 
> The same issue occurs in rfcomm in functions rfcomm_sock_getsockopt
> and rfcomm_sock_getsockopt_old.
> 
> Change the type of len to size_t in both rfcomm_sock_getsockopt and
> rfcomm_sock_getsockopt_old and replace min_t() with min().

Any more reviews please? It would be great to have this fix merged :)

Thanks in advance.

-- 
Cheers,
   Andrej
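The cast chain described in the quoted commit message (int len, min_t() forcing both operands to unsigned int, then widening to unsigned long for copy_to_user()) and the size_t/min() form the patch switches to can be compared side by side in user space. The following is an added example, not code from the patch or from the kernel tree: min_t()/min() are simplified stand-ins for the kernel macros, struct sockopt_payload is a placeholder for the structure being copied out, and clamp_old()/clamp_new() model the two patterns with the value get_user() would have read from the user's int optlen.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for the kernel's min_t()/min() macros; these are
 * assumptions for illustration, not the real include/linux/minmax.h. */
#define min_t(type, x, y) ((type)(x) < (type)(y) ? (type)(x) : (type)(y))
#define min(x, y) ((x) < (y) ? (x) : (y))

/* Placeholder for the structure copied to user space; only its size matters. */
struct sockopt_payload { unsigned char bytes[8]; };

/* Old pattern: 'int len' is clamped with min_t(unsigned int, ...), which
 * casts both len and the sizeof() result to unsigned int, and the result is
 * then widened to unsigned long at the copy_to_user() call. */
static unsigned long clamp_old(int len)
{
    len = min_t(unsigned int, len, sizeof(struct sockopt_payload));
    return (unsigned long)len;            /* copy_to_user()'s third argument */
}

/* New pattern: 'size_t len' receives the user's int (as get_user() into a
 * size_t destination would), and min() compares two size_t values directly,
 * so no sign change or truncation happens on the way to copy_to_user(). */
static unsigned long clamp_new(int user_optlen)
{
    size_t len = (size_t)user_optlen;     /* int -> size_t, as get_user() does */
    len = min(len, sizeof(struct sockopt_payload));
    return (unsigned long)len;
}

/* The unsigned int value the old pattern actually compares, showing the sign
 * change the commit message describes for a negative optlen. */
static unsigned int old_intermediate(int len)
{
    return (unsigned int)len;
}

/* Returns 1 if both patterns yield the same copy length for every sample
 * optlen value, 0 otherwise: the type change is behaviour-preserving. */
static int patterns_agree(void)
{
    const int samples[] = { INT_MIN, -1, 0, 1, 7, 8, 9, 4096, INT_MAX };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        if (clamp_old(samples[i]) != clamp_new(samples[i]))
            return 0;
    return 1;
}

int main(void)
{
    const int samples[] = { -1, 4, 8, 4096 };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("optlen=%5d  as unsigned int=%10u  old=%lu  new=%lu\n",
               samples[i], old_intermediate(samples[i]),
               clamp_old(samples[i]), clamp_new(samples[i]));
    printf("patterns agree: %s\n", patterns_agree() ? "yes" : "no");
    return 0;
}
```

Both forms clamp a negative or oversized optlen to sizeof(struct sockopt_payload), which is why the patch changes no runtime behaviour; the difference is that clamp_new() keeps len in one unsigned type from the comparison through to the copy, which is the property the compiler needs to prove the copy length bounded.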



