2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds - Kernel

This is a discussion on 2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds - Kernel ; CC [M] drivers/usb/core/hcd.o /home/bor/src/linux-git/drivers/usb/core/hcd.c: In function ‘usb_hcd_poll_rh_status’: /home/bor/src/linux-git/arch/x86/include/asm/string_32.h:75: warning: arraysubscript is above array bounds It is likely that issue is actually in string_32.h as similar errors are in oher places as well. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEABECAAYFAkkOsfYACgkQR6LMutpd94w52ACgt1hXFMIqlp ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: 2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds

  1. 2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds

    CC [M] drivers/usb/core/hcd.o
    /home/bor/src/linux-git/drivers/usb/core/hcd.c: In function ‘usb_hcd_poll_rh_status’:
    /home/bor/src/linux-git/arch/x86/include/asm/string_32.h:75: warning: arraysubscript is above array bounds

    It is likely that issue is actually in string_32.h as similar errors are
    in oher places as well.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEABECAAYFAkkOsfYACgkQR6LMutpd94w52ACgt1hXFMIqlp w1fXOuLxXywby0
    cNkAoIMBsYOf7ii+ANT0XtX8XYKe/D6s
    =J33l
    -----END PGP SIGNATURE-----


  2. Re: 2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds

    On Mon, 3 Nov 2008, Andrey Borzenkov wrote:

    > CC [M] drivers/usb/core/hcd.o
    > /home/bor/src/linux-git/drivers/usb/core/hcd.c: In function ‘usb_hcd_poll_rh_status’:
    > /home/bor/src/linux-git/arch/x86/include/asm/string_32.h:75: warning: array subscript is above array bounds
    >
    > It is likely that issue is actually in string_32.h as similar errors are
    > in oher places as well.


    I think this is actually a compiler bug. It certainly has nothing to
    do with USB. There was a discussion about it a month or so ago on
    LKML.

    Alan Stern

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  3. Re: 2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds

    On Monday 03 November 2008, Alan Stern wrote:
    > On Mon, 3 Nov 2008, Andrey Borzenkov wrote:
    >
    > > CC [M] drivers/usb/core/hcd.o
    > > /home/bor/src/linux-git/drivers/usb/core/hcd.c: In function ‘usb_hcd_poll_rh_status’:
    > > /home/bor/src/linux-git/arch/x86/include/asm/string_32.h:75: warning: array subscript is above array bounds
    > >
    > > It is likely that issue is actually in string_32.h as similar errors are
    > > in oher places as well.

    >
    > I think this is actually a compiler bug. It certainly has nothing to
    > do with USB. There was a discussion about it a month or so ago on
    > LKML.
    >




    Yes this really looks like a compiler bug, "length" hardly can be considered
    constant expression even using very broad definition of "constant".

    What is interesting though, it appears that compiler believes length has
    value of 5. So it will copy one extra byte; and possibly pass incorrect
    length to the caller. I cannot judge whether this garbage can do any harm.

    Dp you know if it was ever reported to gcc folks?

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEABECAAYFAkkQcfMACgkQR6LMutpd94wzvgCfRXhkRPBJJa BJAke+TZtAJrzB
    m9MAn037YqX++0X/62OCy/5iCdEI54Y9
    =r31F
    -----END PGP SIGNATURE-----


  4. Re: 2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds

    On Tue, 4 Nov 2008, Andrey Borzenkov wrote:

    > > I think this is actually a compiler bug. It certainly has nothing to
    > > do with USB. There was a discussion about it a month or so ago on
    > > LKML.
    > >

    >
    >
    >
    > Yes this really looks like a compiler bug, "length" hardly can be considered
    > constant expression even using very broad definition of "constant".
    >
    > What is interesting though, it appears that compiler believes length has
    > value of 5. So it will copy one extra byte; and possibly pass incorrect
    > length to the caller. I cannot judge whether this garbage can do any harm.


    Did you examine the object code? That's the only way to be sure.

    > Dp you know if it was ever reported to gcc folks?


    I have no idea. All I know is what was reported on LKML.

    Alan Stern

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  5. Re: 2.6.28-rc3: usb_hcd_poll_rh_status: array subscript is above array bounds

    On Tue, 4 Nov 2008 11:10:33 -0500 (EST)
    Alan Stern wrote:

    > > Dp you know if it was ever reported to gcc folks?

    >
    > I have no idea. All I know is what was reported on LKML.


    I reported this bug (well from a different part of the kernel, but same
    warning) to gcc and yes it's a "gcc behavior"
    apparently they produce the warning in a phase of the compiler before
    the optimization to remove this code as "not taken".

    There's a fix floating around but it's only a partial fix or something
    like that.


    --
    Arjan van de Ven Intel Open Source Technology Centre
    For development, discussion and tips for power savings,
    visit http://www.lesswatts.org
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

+ Reply to Thread