* [PATCH bpf-next] bpf: avoid uninitialized warnings in verifier_global_subprogs.c
@ 2024-05-07 14:05 Jose E. Marchesi
2024-05-07 17:41 ` Yonghong Song
0 siblings, 1 reply; 4+ messages in thread
From: Jose E. Marchesi @ 2024-05-07 14:05 UTC (permalink / raw
To: bpf
Cc: Jose E . Marchesi, david.faust, cupertino.miranda, Yonghong Song,
Eduard Zingerman
The BPF selftest verifier_global_subprogs.c contains code that
purposedly performs out of bounds access to memory, to check whether
the kernel verifier is able to catch them. For example:
__noinline int global_unsupp(const int *mem)
{
if (!mem)
return 0;
return mem[100]; /* BOOM */
}
With -O1 and higher and no inlining, GCC notices this fact and emits a
"maybe uninitialized" warning. This is by design. Note that the
emission of these warnings is highly dependent on the precise
optimizations that are performed.
This patch adds a compiler pragma to verifier_global_subprogs.c to
ignore these warnings.
Tested in bpf-next master.
No regressions.
Signed-off-by: Jose E. Marchesi <jose.marchesi@oracle.com>
Cc: david.faust@oracle.com
Cc: cupertino.miranda@oracle.com
Cc: Yonghong Song <yonghong.song@linux.dev>
Cc: Eduard Zingerman <eddyz87@gmail.com>
---
tools/testing/selftests/bpf/progs/verifier_global_subprogs.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
index baff5ffe9405..d05dc218b7e9 100644
--- a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
+++ b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
@@ -8,6 +8,11 @@
#include "xdp_metadata.h"
#include "bpf_kfuncs.h"
+/* The compiler may be able to detect the access to uninitialized
+ memory in the routines performing out of bound memory accesses and
+ emit warnings about it. This is the case of GCC. */
+#pragma GCC diagnostic ignored "-Wuninitialized"
+
int arr[1];
int unkn_idx;
const volatile bool call_dead_subprog = false;
--
2.30.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH bpf-next] bpf: avoid uninitialized warnings in verifier_global_subprogs.c
2024-05-07 14:05 [PATCH bpf-next] bpf: avoid uninitialized warnings in verifier_global_subprogs.c Jose E. Marchesi
@ 2024-05-07 17:41 ` Yonghong Song
2024-05-07 18:20 ` Jose E. Marchesi
0 siblings, 1 reply; 4+ messages in thread
From: Yonghong Song @ 2024-05-07 17:41 UTC (permalink / raw
To: Jose E. Marchesi, bpf; +Cc: david.faust, cupertino.miranda, Eduard Zingerman
On 5/7/24 7:05 AM, Jose E. Marchesi wrote:
> The BPF selftest verifier_global_subprogs.c contains code that
> purposedly performs out of bounds access to memory, to check whether
> the kernel verifier is able to catch them. For example:
>
> __noinline int global_unsupp(const int *mem)
> {
> if (!mem)
> return 0;
> return mem[100]; /* BOOM */
> }
>
> With -O1 and higher and no inlining, GCC notices this fact and emits a
> "maybe uninitialized" warning. This is by design. Note that the
> emission of these warnings is highly dependent on the precise
> optimizations that are performed.
Interesting. The error message is 'maybe uninitialized' but not
an error to complain out-of-bound access. But anyway, since gcc
produces a warning, your patch silences it and LGTM.
Acked-by: Yonghong Song <yonghong.song@linux.dev>
>
> This patch adds a compiler pragma to verifier_global_subprogs.c to
> ignore these warnings.
>
> Tested in bpf-next master.
> No regressions.
>
> Signed-off-by: Jose E. Marchesi <jose.marchesi@oracle.com>
> Cc: david.faust@oracle.com
> Cc: cupertino.miranda@oracle.com
> Cc: Yonghong Song <yonghong.song@linux.dev>
> Cc: Eduard Zingerman <eddyz87@gmail.com>
> ---
> tools/testing/selftests/bpf/progs/verifier_global_subprogs.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
> index baff5ffe9405..d05dc218b7e9 100644
> --- a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
> +++ b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
> @@ -8,6 +8,11 @@
> #include "xdp_metadata.h"
> #include "bpf_kfuncs.h"
>
> +/* The compiler may be able to detect the access to uninitialized
> + memory in the routines performing out of bound memory accesses and
> + emit warnings about it. This is the case of GCC. */
> +#pragma GCC diagnostic ignored "-Wuninitialized"
> +
> int arr[1];
> int unkn_idx;
> const volatile bool call_dead_subprog = false;
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH bpf-next] bpf: avoid uninitialized warnings in verifier_global_subprogs.c
2024-05-07 17:41 ` Yonghong Song
@ 2024-05-07 18:20 ` Jose E. Marchesi
2024-05-07 19:46 ` Yonghong Song
0 siblings, 1 reply; 4+ messages in thread
From: Jose E. Marchesi @ 2024-05-07 18:20 UTC (permalink / raw
To: Yonghong Song; +Cc: bpf, david.faust, cupertino.miranda, Eduard Zingerman
> On 5/7/24 7:05 AM, Jose E. Marchesi wrote:
>> The BPF selftest verifier_global_subprogs.c contains code that
>> purposedly performs out of bounds access to memory, to check whether
>> the kernel verifier is able to catch them. For example:
>>
>> __noinline int global_unsupp(const int *mem)
>> {
>> if (!mem)
>> return 0;
>> return mem[100]; /* BOOM */
>> }
>>
>> With -O1 and higher and no inlining, GCC notices this fact and emits a
>> "maybe uninitialized" warning. This is by design. Note that the
>> emission of these warnings is highly dependent on the precise
>> optimizations that are performed.
>
> Interesting. The error message is 'maybe uninitialized' but not
> an error to complain out-of-bound access. But anyway, since gcc
> produces a warning, your patch silences it and LGTM.
>
> Acked-by: Yonghong Song <yonghong.song@linux.dev>
Please hold on. The right warning to inhibit is -Wmaybe-uninitialized,
which is GCC specific.
So it must be:
#if !defined(__clang__)
#pragma GCC diagnostic ignored "-Wmaybe-uninitialized"
#endif
Unless you disagree I am testing this and will send a V2 with your
Acked-by.
Sorry about this. I hate to be erratic, but so many small patches
today.
>>
>> This patch adds a compiler pragma to verifier_global_subprogs.c to
>> ignore these warnings.
>>
>> Tested in bpf-next master.
>> No regressions.
>>
>> Signed-off-by: Jose E. Marchesi <jose.marchesi@oracle.com>
>> Cc: david.faust@oracle.com
>> Cc: cupertino.miranda@oracle.com
>> Cc: Yonghong Song <yonghong.song@linux.dev>
>> Cc: Eduard Zingerman <eddyz87@gmail.com>
>> ---
>> tools/testing/selftests/bpf/progs/verifier_global_subprogs.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git
>> a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>> b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>> index baff5ffe9405..d05dc218b7e9 100644
>> --- a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>> +++ b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>> @@ -8,6 +8,11 @@
>> #include "xdp_metadata.h"
>> #include "bpf_kfuncs.h"
>> +/* The compiler may be able to detect the access to uninitialized
>> + memory in the routines performing out of bound memory accesses and
>> + emit warnings about it. This is the case of GCC. */
>> +#pragma GCC diagnostic ignored "-Wuninitialized"
>> +
>> int arr[1];
>> int unkn_idx;
>> const volatile bool call_dead_subprog = false;
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH bpf-next] bpf: avoid uninitialized warnings in verifier_global_subprogs.c
2024-05-07 18:20 ` Jose E. Marchesi
@ 2024-05-07 19:46 ` Yonghong Song
0 siblings, 0 replies; 4+ messages in thread
From: Yonghong Song @ 2024-05-07 19:46 UTC (permalink / raw
To: Jose E. Marchesi; +Cc: bpf, david.faust, cupertino.miranda, Eduard Zingerman
On 5/7/24 11:20 AM, Jose E. Marchesi wrote:
>> On 5/7/24 7:05 AM, Jose E. Marchesi wrote:
>>> The BPF selftest verifier_global_subprogs.c contains code that
>>> purposedly performs out of bounds access to memory, to check whether
>>> the kernel verifier is able to catch them. For example:
>>>
>>> __noinline int global_unsupp(const int *mem)
>>> {
>>> if (!mem)
>>> return 0;
>>> return mem[100]; /* BOOM */
>>> }
>>>
>>> With -O1 and higher and no inlining, GCC notices this fact and emits a
>>> "maybe uninitialized" warning. This is by design. Note that the
>>> emission of these warnings is highly dependent on the precise
>>> optimizations that are performed.
>> Interesting. The error message is 'maybe uninitialized' but not
>> an error to complain out-of-bound access. But anyway, since gcc
>> produces a warning, your patch silences it and LGTM.
>>
>> Acked-by: Yonghong Song <yonghong.song@linux.dev>
> Please hold on. The right warning to inhibit is -Wmaybe-uninitialized,
> which is GCC specific.
>
> So it must be:
>
> #if !defined(__clang__)
> #pragma GCC diagnostic ignored "-Wmaybe-uninitialized"
> #endif
>
> Unless you disagree I am testing this and will send a V2 with your
> Acked-by.
I thought -Wmaybe-unitialized also available to clang but just checked
that clang does not have this. So your above change looks good to me.
>
> Sorry about this. I hate to be erratic, but so many small patches
> today.
>
>>> This patch adds a compiler pragma to verifier_global_subprogs.c to
>>> ignore these warnings.
>>>
>>> Tested in bpf-next master.
>>> No regressions.
>>>
>>> Signed-off-by: Jose E. Marchesi <jose.marchesi@oracle.com>
>>> Cc: david.faust@oracle.com
>>> Cc: cupertino.miranda@oracle.com
>>> Cc: Yonghong Song <yonghong.song@linux.dev>
>>> Cc: Eduard Zingerman <eddyz87@gmail.com>
>>> ---
>>> tools/testing/selftests/bpf/progs/verifier_global_subprogs.c | 5 +++++
>>> 1 file changed, 5 insertions(+)
>>>
>>> diff --git
>>> a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>>> b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>>> index baff5ffe9405..d05dc218b7e9 100644
>>> --- a/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>>> +++ b/tools/testing/selftests/bpf/progs/verifier_global_subprogs.c
>>> @@ -8,6 +8,11 @@
>>> #include "xdp_metadata.h"
>>> #include "bpf_kfuncs.h"
>>> +/* The compiler may be able to detect the access to uninitialized
>>> + memory in the routines performing out of bound memory accesses and
>>> + emit warnings about it. This is the case of GCC. */
>>> +#pragma GCC diagnostic ignored "-Wuninitialized"
>>> +
>>> int arr[1];
>>> int unkn_idx;
>>> const volatile bool call_dead_subprog = false;
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2024-05-07 19:46 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-05-07 14:05 [PATCH bpf-next] bpf: avoid uninitialized warnings in verifier_global_subprogs.c Jose E. Marchesi
2024-05-07 17:41 ` Yonghong Song
2024-05-07 18:20 ` Jose E. Marchesi
2024-05-07 19:46 ` Yonghong Song
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).