Skip to content

Avoid invalid gcc 14.3 warning about array bounds in mbedtls_xor #73

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 3, 2025
Merged

Avoid invalid gcc 14.3 warning about array bounds in mbedtls_xor #73

merged 1 commit into from
Oct 3, 2025

Conversation

@keith-packard
Copy link
Contributor

@keith-packard keith-packard commented Jun 5, 2025

The combination of the multi-byte loop with the single byte loop confuses GCC 14.3's array bounds checker. When the loop size is constant, check to see if it is a multiple of the multi-byte size and bail early. As this will be evaluated at compile time, there should be no run-time cost.

@github-actions github-actions bot mentioned this pull request Jul 11, 2025
Closed
@tomi-font tomi-font requested a review from valeriosetti July 22, 2025 10:40
tomi-font
tomi-font requested changes Jul 22, 2025
View reviewed changes
Copy link
Collaborator

@tomi-font tomi-font left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you rather first make a PR in upstream Mbed TLS and then cherry pick it here?

@keith-packard
Copy link
Contributor Author

keith-packard commented Jul 22, 2025

Could you rather first make a PR in upstream Mbed TLS and then cherry pick it here?

Mbed-TLS/mbedtls#10318

@tomi-font
Copy link
Collaborator

tomi-font commented Jul 23, 2025

Mbed-TLS/mbedtls#10318

Thanks! If you want to get this merged here before it's merged upstream then please add a reference to the upstream PR (e.g. PR #) in the commit message. Otherwise we can just wait and cherry pick the upstream commit (with -x) once it's merged.

@keith-packard
Copy link
Contributor Author

keith-packard commented Jul 24, 2025

Mbed-TLS/mbedtls#10318

Thanks! If you want to get this merged here before it's merged upstream then please add a reference to the upstream PR (e.g. PR #) in the commit message. Otherwise we can just wait and cherry pick the upstream commit (with -x) once it's merged.

It's blocking SDK version 0.18, so we should probably not wait (the fix is pretty easy to review in isolation).

This was referenced Aug 11, 2025
Merged
Open
@github-actions github-actions bot mentioned this pull request Aug 11, 2025
Closed
@stephanosio
Copy link
Member

stephanosio commented Sep 9, 2025

@d3zd3z @ceolin PTAL, this is currently blocking SDK 1.0 work.

tomi-font
tomi-font reviewed Oct 1, 2025
View reviewed changes
Copy link
Collaborator

@tomi-font tomi-font left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe align this with Mbed-TLS/mbedtls#10318 and then we can merge this PR?

tomi-font
tomi-font requested changes Oct 2, 2025
View reviewed changes
Copy link
Collaborator

@tomi-font tomi-font left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

now missing the upstream PR # in the commit message 🙃

@keith-packard
Avoid invalid gcc 14.3 warning about array bounds in mbedtls_xor
75bc123 
The combination of the multi-byte loop with the single byte loop
confuses GCC 14.3's array bounds checker. When the loop size is
constant, check to see if it is a multiple of the multi-byte size and
bail early. As this will be evaluated at compile time, there should be
no run-time cost.

This change uses the __builtin_constant_p compile-time operation. To
check if that is supported, the change uses the existing
MBEDTLS_HAS_BUILTIN macro. That macro was defined later in
library/common.h than is needed for this change, so it was moved up to
join some other macros that looked similar.

Upstream PR: Mbed-TLS/mbedtls#10318

Signed-off-by: Keith Packard <keithp@keithp.com>
@tomi-font tomi-font merged commit 2994b29 into zephyrproject-rtos:zephyr Oct 3, 2025
@keith-packard keith-packard deleted the gcc-14-3 branch October 10, 2025 16:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stephanosio stephanosio stephanosio approved these changes

@valeriosetti valeriosetti valeriosetti approved these changes

@tomi-font tomi-font tomi-font approved these changes

@d3zd3z d3zd3z Awaiting requested review from d3zd3z

@ceolin ceolin Awaiting requested review from ceolin

@wearyzen wearyzen Awaiting requested review from wearyzen

+1 more reviewer

@tejlmand tejlmand tejlmand approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@d3zd3z d3zd3z

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@keith-packard @tomi-font @stephanosio @tejlmand @valeriosetti @d3zd3z