On Tue, Jul 31, 2018 at 11:58 AM Nick Desaulniers ndesaulniers@google.com wrote:
On Tue, Jul 31, 2018 at 10:02 AM Kees Cook keescook@chromium.org wrote:
On Tue, Jul 31, 2018 at 9:48 AM, Nick Desaulniers
On Tue, Jul 31, 2018 at 3:27 AM kbuild test robot lkp@intel.com wrote:
drivers/net//wireless/intel/iwlwifi/iwl-trans.c: In function 'iwl_trans_send_cmd':
drivers/net//wireless/intel/iwlwifi/iwl-trans.c:137:2: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
if (!(cmd->flags & CMD_ASYNC))
^~
drivers/net//wireless/intel/iwlwifi/iwl-trans.c:138:1: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'
lock_map_acquire_read(&trans->sync_cmd_lockdep_map);
^ ~
vim +/if +137 drivers/net//wireless/intel/iwlwifi/iwl-trans.c
92fe8343 Emmanuel Grumbach 2015-12-01 @137 if (!(cmd->flags & CMD_ASYNC))
92fe8343 Emmanuel Grumbach 2015-12-01 138 lock_map_acquire_read(&trans->sync_cmd_lockdep_map);
#define lock_map_acquire_read(l) lock_acquire_shared_recursive(l, 0, 0, NULL, _THIS_IP_)
#define lock_acquire_shared_recursive(l, s, t, n, i) lock_acquire(l, s, t, 2, 1, n, i)
The config doesn't have CONFIG_LOCKDEP, so it's not:
extern void lock_acquire(struct lockdep_map *lock, unsigned int subclass, int trylock, int read, int check, struct lockdep_map *nest_lock, unsigned long ip);
but rather:
# define lock_acquire(l, s, t, r, c, n, i) do { } while (0)
This is tricky: if I preprocess that translation unit with the exact flags used during compilation, I get:
if (!(cmd->flags & CMD_ASYNC))
#pragma GCC diagnostic push
#pragma GCC diagnostic pop
do { } while (0);
Which is not enough to trigger -Wmisleading-indentation alone. It is curious that adding braces to that if statement (as Nathan notes in a sibling post) or removing the pop (not shippable) seems to fix the warning.
Something fishy is going on here: https://godbolt.org/g/b5dsqH
It seems that gcc's warning is technically correct, but it seems to be a miscompile as puts() in my reduced test case is called unconditionally. I've filed: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86765
In the meanwhile, I've reworked the patch to change _THIS_IP_ to only contain a function call to a new static inline function which does what the statement expression used to. This now triggers -Wreturn-local-addr warnings in gcc, which is a warning added in gcc-4.8, so I need to add another __diag_ignore, and a case for gcc 4.8, to include/linux/compiler-gcc.h.
At this point, I think I might as well consolidate current_text_addr() and _THIS_IP_. Stay tuned for v3.
--
Thanks,
~Nick Desaulniers
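Added example, not part of the original message: a small Python check that scans preprocessed C (for instance `gcc -E` output) for the shape quoted above, a `#pragma` landing directly after an `if (...)` that has no opening brace. The function names and the sample text are assumptions made here; the sample is constructed from the fragment in the mail plus a braced variant.

```python
import re

# Constructed sample: the preprocessed fragment quoted in the mail, followed by
# a braced variant (adding braces is the change reported to silence the warning).
SAMPLE = """\
if (!(cmd->flags & CMD_ASYNC))
#pragma GCC diagnostic push
#pragma GCC diagnostic pop
do { } while (0);
if (!(cmd->flags & CMD_ASYNC)) {
#pragma GCC diagnostic push
#pragma GCC diagnostic pop
do { } while (0);
}
"""

IF_HEAD = re.compile(r"^\s*(?:else\s+)?if\s*\(")
SKIP = re.compile(r"^\s*(#\s+\d+\s.*)?$")  # blank line or cpp linemarker

def unbraced_if_head(line):
    """True if the line is an `if (...)` whose condition closes on this line
    and nothing (no brace, no statement) follows the closing parenthesis."""
    m = IF_HEAD.match(line)
    if not m:
        return False
    depth = 0
    for pos in range(m.end() - 1, len(line)):
        if line[pos] == "(":
            depth += 1
        elif line[pos] == ")":
            depth -= 1
            if depth == 0:
                return line[pos + 1:].strip() == ""
    return False  # condition spans several lines; not handled in this sketch

def find_pragma_after_unbraced_if(text):
    """Return 1-based (if_line, pragma_line) pairs where a #pragma is the
    first real line after an unbraced `if (...)`."""
    lines = text.splitlines()
    hits = []
    for i in (n for n, l in enumerate(lines) if unbraced_if_head(l)):
        j = i + 1
        while j < len(lines) and SKIP.match(lines[j]):
            j += 1
        if j < len(lines) and lines[j].lstrip().startswith("#pragma"):
            hits.append((i + 1, j + 1))
    return hits

if __name__ == "__main__":
    print(find_pragma_after_unbraced_if(SAMPLE))
```
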