Re: [PATCH] landlock: avoid memcpy static check warning

Next message: Sasha Levin: "[PATCH AUTOSEL 7.0] platform/x86: hp-wmi: Add support for Victus 16-r0xxx (8BC2)"
Previous message: Krzysztof Kozlowski: "Re: [PATCH 3/3] usb: ucsi: ccg: Add support for CYPD6129 (CCG6)"
In reply to: Micka&#xEB;l Sala&#xFC;n: "Re: [PATCH] landlock: avoid memcpy static check warning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Arnd Bergmann

Date: Wed May 20 2026 - 07:54:21 EST

On Wed, May 20, 2026, at 11:10, Mickaël Salaün wrote:
> On Tue, May 19, 2026 at 10:30:05PM +0200, Arnd Bergmann wrote:
>>
>> Out of these individually helpful checks (-Wrestrict, fortified
>> string helpers, flex_array_size), one of them has to go to avoid
>> the warning.
>>
>> Seeing that the length of the array is already checked earlier
>> in this function, through both an explicit LANDLOCK_MAX_NUM_LAYERS
>> comparison and the implicit kzalloc_flex() having succeeded,
>> replace the flex_array_size() call with a direct multiplication.
>
> Can flex_array_size() be fixed instead?

I couldn't figure it out myself, but feel free to give it a try.
I've attached the two randconfig files that showed the problem
for me, as this only shows up very rarely.

Actually thinking about it again, I suspect that this is not
really a false positive but that gcc got things right by detecting
that flex_array_size() returns SIZE_MAX in case of an overflow,
and this would in fact cause data corruption when used as
the length in mempcy().

Arnd

Attachment: 0xCD5395EB-config.gz
Description: application/gzip

Attachment: 0xF0418B18-config.gz
Description: application/gzip