On Thu, Dec 12, 2024, at 05:52, kernel test robot wrote:
Hi Elizabeth,
kernel test robot noticed the following build errors:
[auto build test ERROR on cdd30ebb1b9f36159d66f088b61aee264e649d7a]
url: https://github.com/intel-lab-lkp/linux/commits/Elizabeth-Figura/ntsync-Intro... base: cdd30ebb1b9f36159d66f088b61aee264e649d7a
All errors (new ones prefixed by >>):
In file included from include/linux/spinlock.h:60, from include/linux/wait.h:9, from include/linux/wait_bit.h:8, from include/linux/fs.h:6, from drivers/misc/ntsync.c:11: In function 'check_copy_size', inlined from 'copy_from_user' at include/linux/uaccess.h:207:7, inlined from 'setup_wait' at drivers/misc/ntsync.c:903:6:
include/linux/thread_info.h:259:25: error: call to '__bad_copy_to' declared with attribute error: copy destination size is too small
259 | __bad_copy_to(); | ^~~~~~~~~~~~~~~
I looked up the function from the github URL above and found
int fds[NTSYNC_MAX_WAIT_COUNT + 1]; const __u32 count = args->count; struct ntsync_q *q; __u32 total_count; __u32 i, j;
if (args->pad || (args->flags & ~NTSYNC_WAIT_REALTIME)) return -EINVAL;
if (args->count > NTSYNC_MAX_WAIT_COUNT) return -EINVAL;
total_count = count; if (args->alert) total_count++;
if (copy_from_user(fds, u64_to_user_ptr(args->objs), array_size(count, sizeof(*fds)))) return -EFAULT;
which looks correct to me, as it has appropriate range checking on args->count, but I can see how the warning may be a result of checking 'args->count' instead of 'count'.
Arnd