Re: [PATCH libcrypto 2/2] crypto: chacha20poly1305: statically check fixed array lengths

Next message: Paul Walmsley: "Re: [PATCH v23 21/28] riscv: kernel command line option to opt out of user cfi"
Previous message: Jisheng Zhang: "Re: [PATCH v3 01/15] gpio: dwapb: Use modern PM macros"
In reply to: kernel test robot: "Re: [PATCH libcrypto 2/2] crypto: chacha20poly1305: statically check fixed array lengths"
Next in thread: Jason A. Donenfeld: "Re: [PATCH libcrypto 2/2] crypto: chacha20poly1305: statically check fixed array lengths"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Linus Torvalds

Date: Wed Nov 19 2025 - 11:23:17 EST

On Wed, 19 Nov 2025 at 04:46, kernel test robot <lkp@xxxxxxxxx> wrote:
>
> >> drivers/net/wireguard/cookie.c:193:2: warning: array argument is too small; contains 31 elements, callee requires at least 32 [-Warray-bounds]

Hmm. Is this a compiler bug?

That checker->cookie_encryption_key is declared as

u8 cookie_encryption_key[NOISE_SYMMETRIC_KEY_LEN];

and NOISE_SYMMETRIC_KEY_LEN is an enum that is defined to be the same
as CHACHA20POLY1305_KEY_SIZE, which is 32.

And the compiler is aware of that:

> include/crypto/chacha20poly1305.h:32:20: note: callee declares array parameter as static here
> 32 | const u8 key[min_array_size(CHACHA20POLY1305_KEY_SIZE)]);
> | ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

but still talks about "contains 31 elements".

Is this some confusion with the compiler thinking that a "const u8[]"
is a string, and then at some point subtracted one as the max length,
and then is confused due to that?

Because if compilers screw this up, we can't do that 'static' thing,
regardless of name. I'm not willing to play silly buggers with broken
compiler warnings.

Linus