RE: [PATCH] rtw89: avoid stringop-overflow warning

From: Ping-Ke Shih
Date: Mon Dec 04 2023 - 19:26:40 EST

Next message: Edgecombe, Rick P: "Re: [PATCH RFT v4 2/5] fork: Add shadow stack support to clone3()"
Previous message: Chen Wang: "[PATCH v4 4/4] riscv: dts: add clock generator for Sophgo SG2042 SoC"
In reply to: Arnd Bergmann: "[PATCH] rtw89: avoid stringop-overflow warning"
Next in thread: Kalle Valo: "Re: [PATCH] rtw89: avoid stringop-overflow warning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> -----Original Message-----
> From: Arnd Bergmann <arnd@xxxxxxxxxx>
> Sent: Monday, December 4, 2023 3:30 PM
> To: Ping-Ke Shih <pkshih@xxxxxxxxxxx>; Kalle Valo <kvalo@xxxxxxxxxx>; Gustavo A. R. Silva
> <gustavoars@xxxxxxxxxx>
> Cc: Arnd Bergmann <arnd@xxxxxxxx>; DeanKu <ku920601@xxxxxxxxxxx>; linux-wireless@xxxxxxxxxxxxxxx;
> linux-kernel@xxxxxxxxxxxxxxx
> Subject: [PATCH] rtw89: avoid stringop-overflow warning

Subject prefix should be "wifi: rtw89: ..."

>
> From: Arnd Bergmann <arnd@xxxxxxxx>
>
> After -Wstringop-overflow got enabled, the rtw89 driver produced
> two odd warnings with gcc-13:
>
> drivers/net/wireless/realtek/rtw89/coex.c: In function 'rtw89_btc_ntfy_scan_start':
> drivers/net/wireless/realtek/rtw89/coex.c:5362:50: error: writing 1 byte into a region of size 0
> [-Werror=stringop-overflow=]
> 5362 | wl->dbcc_info.scan_band[phy_idx] = band;
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
> In file included from drivers/net/wireless/realtek/rtw89/coex.h:8,
> from drivers/net/wireless/realtek/rtw89/coex.c:5:
> drivers/net/wireless/realtek/rtw89/core.h:1441:12: note: at offset [64, 255] into destination object
> 'scan_band' of size 2
> 1441 | u8 scan_band[RTW89_PHY_MAX]; /* scan band in each phy */
> | ^~~~~~~~~
> drivers/net/wireless/realtek/rtw89/coex.c: In function 'rtw89_btc_ntfy_switch_band':
> drivers/net/wireless/realtek/rtw89/coex.c:5406:50: error: writing 1 byte into a region of size 0
> [-Werror=stringop-overflow=]
> 5406 | wl->dbcc_info.scan_band[phy_idx] = band;
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
> drivers/net/wireless/realtek/rtw89/core.h:1441:12: note: at offset [64, 255] into destination object
> 'scan_band' of size 2
> 1441 | u8 scan_band[RTW89_PHY_MAX]; /* scan band in each phy */
> | ^~~~~~~~~
>
> I don't know what happened here, but adding an explicit range check
> shuts up the output.

The callers of these two cases will pass RTW89_PHY_0 (0) as argument of phy_idx,
and will extend to pass RTW89_PHY_1 (1) in the future, but should not be larger
than 1.

I don't mind to add this checking, but I really don't know what happened neither.
A statement 'wl->scan_info.band[phy_idx] = band;' did similar thing in the same
function, but why doesn't gcc complain this?

Next message: Edgecombe, Rick P: "Re: [PATCH RFT v4 2/5] fork: Add shadow stack support to clone3()"
Previous message: Chen Wang: "[PATCH v4 4/4] riscv: dts: add clock generator for Sophgo SG2042 SoC"
In reply to: Arnd Bergmann: "[PATCH] rtw89: avoid stringop-overflow warning"
Next in thread: Kalle Valo: "Re: [PATCH] rtw89: avoid stringop-overflow warning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]