[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11

To: Ian Jackson <iwj@xxxxxxxxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Thu, 4 Mar 2021 13:46:46 +0100
Cc: Julien Grall <julien@xxxxxxx>, Charles Arnold <CARNOLD@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 04 Mar 2021 12:46:52 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 04.03.2021 12:21, Ian Jackson wrote:
> Jan Beulich writes ("Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() 
> prototype for gcc11"):
>> On 03.03.2021 20:09, Julien Grall wrote:
>>> On 01/03/2021 07:57, Jan Beulich wrote:
>>>> The upcoming release complains, not entirely unreasonably:
>>>>
>>>> In file included from rijndael.c:33:
>>>> .../xen/include/crypto/rijndael.h:55:53: note: previously declared as 
>>>> 'const unsigned char[]'
>>>>     55 | void    rijndaelEncrypt(const unsigned int [], int, const 
>>>> unsigned char [],
>>>>        |                                                     
>>>> ^~~~~~~~~~~~~~~~~~~~~~
>>>> rijndael.c:865:8: error: argument 4 of type 'u8[16]' {aka 'unsigned 
>>>> char[16]'} with mismatched bound [-Werror=array-parameter=]
>>>>    865 |     u8 ct[16])
> 
> I think this is an erroneous compiler warning.
> 
> It has been idiomatic in some codebases for a long time to write
>     const unsigned char[]
> as a formal parameter for an array (of whatever size).
> 
>>>> .../xen/include/xen/string.h:101:27: error: '__builtin_memcmp' specified 
>>>> bound 4 exceeds source size 0 [-Werror=stringop-overread]
>>>>    101 | #define memcmp(s1, s2, n) __builtin_memcmp(s1, s2, n)
>>>>        |                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>> mpparse.c:722:13: note: in expansion of macro 'memcmp'
>>>>    722 |         if (memcmp(mpf->mpf_signature, "_MP_", 4) == 0 &&
>>>>        |             ^~~~~~
>>>>
>>>> Clearly neither the 1st nor the 2nd argument have a "source size" of 0.
>>>
>>> It looks like there is a report on the redhat bug tracker for it [1]. Do 
>>> you know if there is a bug report on the GCC tracker as well?
>>
>> I have no idea, to be honest.
> 
> This erroneous message makes me think that there is simply a bug in
> this version of GCC, where formal parameters declared as
>     const unsigned char[]
> are treated as
>     const unsigned char[0]
> rather than as
>     const unsigned char*

I don't think so, no. In addition to what Julien has said, I think
the intention here is that the compiler can check that both consumer
and producers of arguments obey to the strictest available bounds of
such an array, no matter that at the syntactic level char[N] and
char[] both convert to char* when used in prototypes.

Jan

References:
- [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
  - From: Jan Beulich
- Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
  - From: Julien Grall
- Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
  - From: Jan Beulich
- Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
  - From: Ian Jackson

Prev by Date: Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
Next by Date: Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
Previous by thread: Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
Next by thread: Re: [PATCH][4.15] crypto: adjust rijndaelEncrypt() prototype for gcc11
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.