lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 6 Jun 2019 06:09:54 -0700
From:   Guenter Roeck <linux@...ck-us.net>
To:     Masahiro Yamada <yamada.masahiro@...ionext.com>
Cc:     Jean Delvare <jdelvare@...e.com>, linux-hwmon@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] hwmon: (smsc47m1) fix (suspicious) outside array
 bounds warnings

On Thu, Jun 06, 2019 at 05:52:42PM +0900, Masahiro Yamada wrote:
> Kbuild test robot reports outside array bounds warnings.
> 
> This is reproducible for ARCH=sh allmodconfig with the kernel.org
> toolchains available at:
> 
> https://mirrors.edge.kernel.org/pub/tools/crosstool/files/bin/x86_64/8.1.0/x86_64-gcc-8.1.0-nolibc-sh4-linux.tar.xz
> 
>   CC [M]  drivers/hwmon/smsc47m1.o
> drivers/hwmon/smsc47m1.c: In function 'fan_div_store':
> drivers/hwmon/smsc47m1.c:370:49: warning: array subscript [0, 2] is outside array bounds of 'u8[3]' {aka 'unsigned char[3]'} [-Warray-bounds]
>   tmp = 192 - (old_div * (192 - data->fan_preload[nr])
>                                 ~~~~~~~~~~~~~~~~~^~~~
> drivers/hwmon/smsc47m1.c:372:19: warning: array subscript [0, 2] is outside array bounds of 'u8[3]' {aka 'unsigned char[3]'} [-Warray-bounds]
>   data->fan_preload[nr] = clamp_val(tmp, 0, 191);
>   ~~~~~~~~~~~~~~~~~^~~~
> drivers/hwmon/smsc47m1.c:373:53: warning: array subscript [0, 2] is outside array bounds of 'const u8[3]' {aka 'const unsigned char[3]'} [-Warray-bounds]
>   smsc47m1_write_value(data, SMSC47M1_REG_FAN_PRELOAD[nr],
>                              ~~~~~~~~~~~~~~~~~~~~~~~~^~~~
> 
> Looking at the code, I believe these are false positives.
> 
> While it is ridiculous to patch our driver to make the insane
> compiler happy, clarifying the unreachable path will be helpful
> not only for compilers but also for humans.
> 
> Reported-by: kbuild test robot <lkp@...el.com>
> Signed-off-by: Masahiro Yamada <yamada.masahiro@...ionext.com>

Applied.

Thanks,
Guenter

> ---
> 
> Changes in v2:
>  - Use unreachable() instead of WARN_ON()
>  - Mention that the report seems suspicious
> 
>  drivers/hwmon/smsc47m1.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/hwmon/smsc47m1.c b/drivers/hwmon/smsc47m1.c
> index cc6aca6e436c..6d366c9cb906 100644
> --- a/drivers/hwmon/smsc47m1.c
> +++ b/drivers/hwmon/smsc47m1.c
> @@ -351,6 +351,8 @@ static ssize_t fan_div_store(struct device *dev,
>  		tmp |= data->fan_div[2] << 4;
>  		smsc47m1_write_value(data, SMSC47M2_REG_FANDIV3, tmp);
>  		break;
> +	default:
> +		unreachable();
>  	}
>  
>  	/* Preserve fan min */

Powered by blists - more mailing lists