Re: [PATCH libcrypto 2/2] crypto: chacha20poly1305: statically check fixed array lengths

[Jason A. Donenfeld]

Hey Linus,

On Wed, Nov 19, 2025 at 5:29 PM Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
>  On Wed, 19 Nov 2025 at 04:46, kernel test robot <lkp@xxxxxxxxx> wrote:
> >
> > >> drivers/net/wireguard/cookie.c:193:2: warning: array argument is too small; contains 31 elements, callee requires at least 32 [-Warray-bounds]
>
> Hmm. Is this a compiler bug?

It's not. It's a 0day test bot bug! My original patch had in it some
commentary about what a bug would look like when it's caught by the
compiler. In order to provoke that compiler output, I mentioned in the
commit message that this diff will produce such and such result:

diff --git a/drivers/net/wireguard/cookie.h b/drivers/net/wireguard/cookie.h
index c4bd61ca03f2..2839c46029f8 100644
--- a/drivers/net/wireguard/cookie.h
+++ b/drivers/net/wireguard/cookie.h
@@ -13,7 +13,7 @@ struct wg_peer;

 struct cookie_checker {
        u8 secret[NOISE_HASH_LEN];
-       u8 cookie_encryption_key[NOISE_SYMMETRIC_KEY_LEN];
+       u8 cookie_encryption_key[NOISE_SYMMETRIC_KEY_LEN - 1];
        u8 message_mac1_key[NOISE_SYMMETRIC_KEY_LEN];
        u64 secret_birthdate;
        struct rw_semaphore secret_lock;

It looks like the 0day test bot just went through the email and
applied all the `diff --git ...` hunks, without taking into account
the context area above where the actual patches start.

So, if anything, this test bot output is showing that the compiler
feature works as intended.

Jason