Timur Tabi
2023-Nov-07 23:47 UTC
[Nouveau] [PATCH] nouveau/gsp: fix UBSAN array bounds warning in PACKED_REGISTRY_TABLE
Change PACKED_REGISTRY_TABLE so that its last member is a variable-length array instead of a zero-length array. UBSAN treats zero-length arrays literally and warns if they are dereferenced. Changing the "[0]" to "[]" tells the compiler that the array is variable-length. This fixes the following warning in function r535_gsp_rpc_set_registry when CONFIG_UBSAN_BOUNDS is enabled: UBSAN: array-index-out-of-bounds in drivers/gpu/drm/nouveau/nvkm/ subdev/gsp/r535.c:1066:33 index 2 is out of range for type 'PACKED_REGISTRY_ENTRY [*]' Fixes: b5bad8c16b9b ("nouveau/gsp: move to 535.113.01") Signed-off-by: Timur Tabi <ttabi at nvidia.com> --- .../include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h b/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h index 754c6af42f30..1d236c68fa30 100644 --- a/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h +++ b/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h @@ -38,7 +38,7 @@ typedef struct PACKED_REGISTRY_TABLE { NvU32 size; NvU32 numEntries; - PACKED_REGISTRY_ENTRY entries[0]; + PACKED_REGISTRY_ENTRY entries[]; } PACKED_REGISTRY_TABLE; #endif -- 2.34.1
Danilo Krummrich
2023-Nov-07 23:52 UTC
[Nouveau] [PATCH] nouveau/gsp: fix UBSAN array bounds warning in PACKED_REGISTRY_TABLE
On 11/8/23 00:47, Timur Tabi wrote:> Change PACKED_REGISTRY_TABLE so that its last member is a variable-length > array instead of a zero-length array. UBSAN treats zero-length arrays > literally and warns if they are dereferenced. Changing the "[0]" to "[]" > tells the compiler that the array is variable-length.Do you also intend to fix this upstream? (And with upstream I mean the open-gpu-kernel-modules in this case.)> > This fixes the following warning in function r535_gsp_rpc_set_registry > when CONFIG_UBSAN_BOUNDS is enabled: > > UBSAN: array-index-out-of-bounds in drivers/gpu/drm/nouveau/nvkm/ > subdev/gsp/r535.c:1066:33 > index 2 is out of range for type 'PACKED_REGISTRY_ENTRY [*]' > > Fixes: b5bad8c16b9b ("nouveau/gsp: move to 535.113.01") > Signed-off-by: Timur Tabi <ttabi at nvidia.com> > --- > .../include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h b/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h > index 754c6af42f30..1d236c68fa30 100644 > --- a/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h > +++ b/drivers/gpu/drm/nouveau/include/nvrm/535.113.01/nvidia/generated/g_os_nvoc.h > @@ -38,7 +38,7 @@ typedef struct PACKED_REGISTRY_TABLE > { > NvU32 size; > NvU32 numEntries; > - PACKED_REGISTRY_ENTRY entries[0]; > + PACKED_REGISTRY_ENTRY entries[]; > } PACKED_REGISTRY_TABLE; > > #endif