Bug 228709 - x11/nvidia-driver: nvidia_subr.c:367:26: error: 'memset' call operates on objects of type ...
Summary: x11/nvidia-driver: nvidia_subr.c:367:26: error: 'memset' call operates on obj...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Ben Woods
Depends on:
Reported: 2018-06-02 19:36 UTC by O. Hartmann
Modified: 2018-11-09 21:33 UTC (History)
6 users (show)

See Also:
bugzilla: maintainer-feedback? (danfe)

Patch to fix nvidia driver memset(3) usage (2.80 KB, patch)
2018-06-04 04:21 UTC, Ben Woods
woodsb02: maintainer-approval? (danfe)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description O. Hartmann 2018-06-02 19:36:47 UTC
On recent CURRENT (334535), build of x11/nvidia-driver (390.59) fails with the error shown below:

cc  -O2 -pipe -march=native -fno-strict-aliasing -DNV_VERSION_STRING=\"390.59\" -D__KERNEL__ -DNVRM -Wno-unused-function -Wuninitialized -O2 -fno-strict-aliasing -mno-red-zone -mcmodel=kernel -Wno-sign-compare -Wno-format-extra-args -UDEBUG -U_DEBUG -DNDEBUG -Werror=undef -march=native  -Werror -D_KERNEL -DKLD_MODULE -nostdinc  -I. -I../common/inc -I. -I/usr/src/sys -I/usr/src/sys/contrib/ck/include -fno-common  -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer   -MD  -MF.depend.nvidia_subr.o -MTnvidia_subr.o -mcmodel=kernel -mno-red-zone -mno-mmx -mno-sse -msoft-float  -fno-asynchronous-unwind-tables -ffreestanding -fwrapv -fstack-protector -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wcast-qual -Wundef -Wno-pointer-sign -D__printf__=__freebsd_kprintf__ -Wmissing-include-dirs -fdiagnostics-show-option -Wno-unknown-pragmas -Wno-error-tautological-compare -Wno-error-empty-body -Wno-error-parentheses-equality -Wno-error-unused-function -Wno-error-pointer-sign -Wno-error-shift-negative-value -Wno-address-of-packed-member  -mno-aes -mno-avx  -std=iso9899:1999 -c nvidia_subr.c -o nvidia_subr.o
nvidia_subr.c:367:26: error: 'memset' call operates on objects of type 'struct nv_ioctl_card_info' while the size is based on a different type 'struct nv_ioctl_card_info *' [-Werror,-Wsizeof-pointer-memaccess]
    memset(ci, 0, sizeof(ci));
           ~~            ^~
nvidia_subr.c:367:26: note: did you mean to dereference the argument to 'sizeof' (and multiply it by the number of elements)?
    memset(ci, 0, sizeof(ci));
1 error generated.
*** Error code 1

make[7]: stopped in /usr/obj/usr/src/amd64.amd64/sys/THOR/usr/ports/x11/nvidia-driver/work/NVIDIA-FreeBSD-x86_64-390.59/src/nvidia
*** Error code 1
Comment 1 david 2018-06-03 11:56:49 UTC
I also encountered this, during my attempt to perform a src-based update of head/amd64 from:

FreeBSD g1-215.catwhisker.org 12.0-CURRENT FreeBSD 12.0-CURRENT #5  r334528M/334528:1200066: Sat Jun  2 04:16:28 PDT 2018     root@g1-215.catwhisker.org:/common/S4/obj/usr/src/amd64.amd64/sys/CANARY  amd64

to r334542.

So it appears that (at least) one of the updates between r334529 - r334535 (inclusive) has catalyzed the problem.  Based on a quick glance at each of the 7 commit messages, I'm suspecting r334533 and/or r334534,
Comment 2 Ben Woods freebsd_committer 2018-06-04 03:23:54 UTC
Given that this error is about memset, and r334533 and r334534 are the 2 commits in the dissected range which modify head/sys/libkern/memset.c, I agree with David's suspicions that the issue is with one of these commits.

Copying in Mateusz (mjg) who made the recent memset changes.

Mateusz: any idea what the issue is here?
Comment 3 david 2018-06-04 03:32:15 UTC
Konstantin (kib@) had mentioned in email:

| Even not looking at the actual code, I am quite sure that the line              
| nvidia_subr.c:367 should be changed to                                          
|         memset(ci, 0, sizeof(*ci));                                             
| This is a bug in the driver sources.
Comment 4 Ben Woods freebsd_committer 2018-06-04 04:06:54 UTC
Looking closer, I think the memset changes made by mjg in 334533 have simply revealed an existing bug in the nvidia driver.

The code in the nvidia driver is:
     struct nv_ioctl_card_info *ci;
     memset(ci, 0, sizeof(ci));

As per the compiler error, the argument in the sizeof function should be dereferenced:
-    memset(ci, 0, sizeof(ci));
+    memset(ci, 0, sizeof(*ci));
Comment 5 Ben Woods freebsd_committer 2018-06-04 04:21:58 UTC
Created attachment 193982 [details]
Patch to fix nvidia driver memset(3) usage

Requesting approval from danfe@ as maintainer to commit this patch.
Comment 6 Ben Woods freebsd_committer 2018-06-04 04:30:51 UTC
Note that poudriere testing shows this fixes the build of the following ports on FreeBSD-12 CURRENT:

Note that it is also fixing a bug in the driver that applies equally on older versions of FreeBSD.
Comment 7 Alexey Dokuchaev freebsd_committer 2018-06-04 10:10:42 UTC
Yes, this is a bug in the driver code and should be fixed.  The patch is correct, but I'm not quite comfortable with adding more patches, esp. for such a trivial change.  Let me try to work our a sed(1)-based solution first.
Comment 8 Ben Woods freebsd_committer 2018-06-04 10:29:23 UTC
Fair enough.

The reason I went with a patch solution is because this is a change which should definitely be upstreamed.
Comment 9 Alexey Dokuchaev freebsd_committer 2018-06-04 16:12:02 UTC
I've notified upstream: https://devtalk.nvidia.com/default/topic/1036229/
Comment 10 commit-hook freebsd_committer 2018-06-04 17:39:12 UTC
A commit references this bug:

Author: danfe
Date: Mon Jun  4 17:38:36 UTC 2018
New revision: 471574
URL: https://svnweb.freebsd.org/changeset/ports/471574

  Unbreak nVidia drivers on recent -CURRENT, after memset() changes by mjg@
  in r334533 have revealed an existing bug in the nVidia code.

  PR:	228709