Re: UBSAN whinge in ihci-hub.c

From: Andrey Ryabinin
Date: Wed May 18 2016 - 03:40:42 EST

Next message: Vlastimil Babka: "[PATCH] mm, page_alloc: prevent infinite loop in buffered_rmqueue()"
Previous message: Vlastimil Babka: "Re: [PATCH v1] mm: bad_page() checks bad_flags instead of page->flags for hwpoison page"
In reply to: Greg Kroah-Hartman: "Re: UBSAN whinge in ihci-hub.c"
Next in thread: Oliver Neukum: "Re: UBSAN whinge in ihci-hub.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2016-05-18 1:16 GMT+03:00 Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>:
> On Tue, May 17, 2016 at 05:52:40PM -0400, Valdis Kletnieks wrote:
>> So, not content in the amount of breakage I generate already, I
>> compiled with UBSAN enabled...
>>
>> The immediately relevant part:
>>
>> [ 2.418576] ================================================================================
>> [ 2.418579] UBSAN: Undefined behaviour in drivers/usb/host/ehci-hub.c:877:47
>> [ 2.418582] index -1 is out of range for type 'u32 [1]'
>
> <snip>
>
> It's a known bug in ubsan,

It's not a bug. int *p = &a[-1] is undefined behavior. It doesn't
matter whether that pointer dereferenced or not.

Next message: Vlastimil Babka: "[PATCH] mm, page_alloc: prevent infinite loop in buffered_rmqueue()"
Previous message: Vlastimil Babka: "Re: [PATCH v1] mm: bad_page() checks bad_flags instead of page->flags for hwpoison page"
In reply to: Greg Kroah-Hartman: "Re: UBSAN whinge in ihci-hub.c"
Next in thread: Oliver Neukum: "Re: UBSAN whinge in ihci-hub.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]