On Wed, 22 Jun 2016, Wilfried Klaebe wrote: > Am Wed, Jun 22, 2016 at 07:56:49AM -0700 schrieb Greg KH: > > On Wed, Jun 22, 2016 at 12:11:08PM +0200, Wilfried Klaebe wrote: > > > Hi. > > > > > > In linux-4.7-rc3, I activated CONFIG_UBSAN and started reporting results > > > by opening bugs in bugzilla.kernel.org. This was first about a UBSAN > > > splat in drivers/usb/host/ehci-hub.c:877:47 about which I wrote in > > > <https://bugzilla.kernel.org/show_bug.cgi?id=120361>. GregKH asked if > > > this was fixed in linux-next, but in linux-next-20160616 there was a > > > different splat (index 2 out of range instead of index -1 out of range) > > > in drivers/usb/host/ehci-hub.c:889:34. I got asked to report here. > > > That last splat persists until at least linux-next-20160622. > > > > > > Is there anything else you need? > > > > Is this still in 4.7-rc4? All of the reported ubsan fixes for USB > > should now be in there. > > It is. > > > If not, can you provide the full "splat" here? > > dmesg attached, including UBSAN message and following further ehci messages. > > Regards, > Wilfried Please test this patch. Index: usb-4.x/include/linux/usb/ehci_def.h =================================================================== --- usb-4.x.orig/include/linux/usb/ehci_def.h +++ usb-4.x/include/linux/usb/ehci_def.h @@ -180,11 +180,11 @@ struct ehci_regs { * PORTSCx */ /* HOSTPC: offset 0x84 */ - u32 hostpc[1]; /* HOSTPC extension */ + u32 hostpc[0]; /* HOSTPC extension */ #define HOSTPC_PHCD (1<<22) /* Phy clock disable */ #define HOSTPC_PSPD (3<<25) /* Port speed detection */ - u32 reserved5[16]; + u32 reserved5[17]; /* USBMODE_EX: offset 0xc8 */ u32 usbmode_ex; /* USB Device mode extension */ By coincidence, it turns out that I'm the person responsible for the other UBSAN complaint in your log. Please see if the following patch fixes it. Alan Stern Index: usb-4.x/drivers/scsi/scsi_devinfo.c =================================================================== --- usb-4.x.orig/drivers/scsi/scsi_devinfo.c +++ usb-4.x/drivers/scsi/scsi_devinfo.c @@ -429,7 +429,7 @@ static struct scsi_dev_info_list *scsi_d * here, and we don't know what device it is * trying to work with, leave it as-is. */ - vmax = 8; /* max length of vendor */ + vmax = sizeof(devinfo->vendor); vskip = vendor; while (vmax > 0 && *vskip == ' ') { vmax--; @@ -439,7 +439,7 @@ static struct scsi_dev_info_list *scsi_d while (vmax > 0 && vskip[vmax - 1] == ' ') --vmax; - mmax = 16; /* max length of model */ + mmax = sizeof(devinfo->model); mskip = model; while (mmax > 0 && *mskip == ' ') { mmax--; @@ -455,10 +455,12 @@ static struct scsi_dev_info_list *scsi_d * Behave like the older version of get_device_flags. */ if (memcmp(devinfo->vendor, vskip, vmax) || - devinfo->vendor[vmax]) + (vmax < sizeof(devinfo->vendor) && + devinfo->vendor[vmax])) continue; if (memcmp(devinfo->model, mskip, mmax) || - devinfo->model[mmax]) + (mmax < sizeof(devinfo->model) && + devinfo->model[mmax])) continue; return devinfo; } else { -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
