2019-05-06 06:24:38

by Stanislaw Gruszka

Subject: [PATCH 5.1] rtw88: fix subscript above array bounds compiler warning

My compiler complains about:

drivers/net/wireless/realtek/rtw88/phy.c: In function ‘rtw_phy_rf_power_2_rssi’:
drivers/net/wireless/realtek/rtw88/phy.c:430:26: warning: array subscript is above array bounds [-Warray-bounds]
linear = db_invert_table[i][j];

According to the comment, power_db should be in the range 1 ~ 96.
To fix this, add a boundary check before accessing the array.

Signed-off-by: Stanislaw Gruszka <[email protected]>
---
RFC -> v1
- add check before accessing the array instead of
rtw_phy_power_2_db() change.

drivers/net/wireless/realtek/rtw88/phy.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/drivers/net/wireless/realtek/rtw88/phy.c b/drivers/net/wireless/realtek/rtw88/phy.c
index 4381b360b5b5..9ca52a4d025a 100644
--- a/drivers/net/wireless/realtek/rtw88/phy.c
+++ b/drivers/net/wireless/realtek/rtw88/phy.c
@@ -423,6 +423,11 @@ static u64 rtw_phy_db_2_linear(u8 power_db)
u8 i, j;
u64 linear;

+ if (power_db > 96)
+ power_db = 96;
+ else if (power_db < 1)
+ power_db = 1;
+
/* 1dB ~ 96dB */
i = (power_db - 1) >> 3;
j = (power_db - 1) - (i << 3);
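
Review bot: The lower branch `else if (power_db < 1) power_db = 1;` silently maps an out-of-domain 0 to the 1 dB table entry, so a caller that passes 0 gets a plausible-looking value instead of a defined out-of-range result. Decide explicitly what 0 should yield (an early return with a documented value reads more clearly than a clamp) and state it in the comment above the index computation. Because power_db is a u8, `power_db < 1` is just `power_db == 0`; writing it that way makes it obvious that the case being guarded is `power_db - 1` going negative before it is stored in the u8 index `i`. The literal 96 now appears twice in the check and again in `/* 1dB ~ 96dB */`; a named constant, or a bound derived from the dimensions of db_invert_table, would keep the check and the table from drifting apart. The upper clamp also hides out-of-range callers, so a one-line comment saying that saturation at 96 is intended would help.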
--
2.20.1


2019-05-06 06:33:41

by Tony Chuang

Subject: RE: [PATCH 5.1] rtw88: fix subscript above array bounds compiler warning

> Subject: [PATCH 5.1] rtw88: fix subscript above array bounds compiler warning
>
> My compiler complains about:
>
> drivers/net/wireless/realtek/rtw88/phy.c: In function
> ‘rtw_phy_rf_power_2_rssi’:
> drivers/net/wireless/realtek/rtw88/phy.c:430:26: warning: array subscript is
> above array bounds [-Warray-bounds]
> linear = db_invert_table[i][j];
>
> According to the comment, power_db should be in the range 1 ~ 96.
> To fix this, add a boundary check before accessing the array.
>
> Signed-off-by: Stanislaw Gruszka <[email protected]>
> ---
> RFC -> v1
> - add check before accessing the array instead of
> rtw_phy_power_2_db() change.
>
> drivers/net/wireless/realtek/rtw88/phy.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/net/wireless/realtek/rtw88/phy.c
> b/drivers/net/wireless/realtek/rtw88/phy.c
> index 4381b360b5b5..9ca52a4d025a 100644
> --- a/drivers/net/wireless/realtek/rtw88/phy.c
> +++ b/drivers/net/wireless/realtek/rtw88/phy.c
> @@ -423,6 +423,11 @@ static u64 rtw_phy_db_2_linear(u8 power_db)
> u8 i, j;
> u64 linear;
>
> + if (power_db > 96)
> + power_db = 96;
> + else if (power_db < 1)
> + power_db = 1;

I think it's "return 1" here.

> +
> /* 1dB ~ 96dB */
> i = (power_db - 1) >> 3;
> j = (power_db - 1) - (i << 3);
> --

Yan-Hsuan

2019-05-06 06:46:05

by Stanislaw Gruszka

Subject: Re: [PATCH 5.1] rtw88: fix subscript above array bounds compiler warning

On Mon, May 06, 2019 at 06:32:01AM +0000, Tony Chuang wrote:
> > Subject: [PATCH 5.1] rtw88: fix subscript above array bounds compiler warning
> >
> > My compiler complains about:
> >
> > drivers/net/wireless/realtek/rtw88/phy.c: In function
> > ‘rtw_phy_rf_power_2_rssi’:
> > drivers/net/wireless/realtek/rtw88/phy.c:430:26: warning: array subscript is
> > above array bounds [-Warray-bounds]
> > linear = db_invert_table[i][j];
> >
> > According to the comment, power_db should be in the range 1 ~ 96.
> > To fix this, add a boundary check before accessing the array.
> >
> > Signed-off-by: Stanislaw Gruszka <[email protected]>
> > ---
> > RFC -> v1
> > - add check before accessing the array instead of
> > rtw_phy_power_2_db() change.
> >
> > drivers/net/wireless/realtek/rtw88/phy.c | 5 +++++
> > 1 file changed, 5 insertions(+)
> >
> > diff --git a/drivers/net/wireless/realtek/rtw88/phy.c
> > b/drivers/net/wireless/realtek/rtw88/phy.c
> > index 4381b360b5b5..9ca52a4d025a 100644
> > --- a/drivers/net/wireless/realtek/rtw88/phy.c
> > +++ b/drivers/net/wireless/realtek/rtw88/phy.c
> > @@ -423,6 +423,11 @@ static u64 rtw_phy_db_2_linear(u8 power_db)
> > u8 i, j;
> > u64 linear;
> >
> > + if (power_db > 96)
> > + power_db = 96;
> > + else if (power_db < 1)
> > + power_db = 1;
>
> I think it's "return 1" here.

Ehh, I missed that in your comment. However 'return 1' changes
the output of rtw_phy_db_2_linear() quite substantially
as the smallest value (for power_db = 1) from db_invert_table[][]
is 10. I'll post v2 patch, but please double check it's indeed
correct logic. Thanks.

Stanislaw

2019-05-06 06:51:55

by Tony Chuang

Subject: RE: [PATCH 5.1] rtw88: fix subscript above array bounds compiler warning

> Subject: Re: [PATCH 5.1] rtw88: fix subscript above array bounds compiler
> warning
>
> On Mon, May 06, 2019 at 06:32:01AM +0000, Tony Chuang wrote:
> > > Subject: [PATCH 5.1] rtw88: fix subscript above array bounds compiler
> warning
> > >
> > > My compiler complains about:
> > >
> > > drivers/net/wireless/realtek/rtw88/phy.c: In function
> > > ‘rtw_phy_rf_power_2_rssi’:
> > > drivers/net/wireless/realtek/rtw88/phy.c:430:26: warning: array subscript is
> > > above array bounds [-Warray-bounds]
> > > linear = db_invert_table[i][j];
> > >
> > > According to the comment, power_db should be in the range 1 ~ 96.
> > > To fix this, add a boundary check before accessing the array.
> > >
> > > Signed-off-by: Stanislaw Gruszka <[email protected]>
> > > ---
> > > RFC -> v1
> > > - add check before accessing the array instead of
> > > rtw_phy_power_2_db() change.
> > >
> > > drivers/net/wireless/realtek/rtw88/phy.c | 5 +++++
> > > 1 file changed, 5 insertions(+)
> > >
> > > diff --git a/drivers/net/wireless/realtek/rtw88/phy.c
> > > b/drivers/net/wireless/realtek/rtw88/phy.c
> > > index 4381b360b5b5..9ca52a4d025a 100644
> > > --- a/drivers/net/wireless/realtek/rtw88/phy.c
> > > +++ b/drivers/net/wireless/realtek/rtw88/phy.c
> > > @@ -423,6 +423,11 @@ static u64 rtw_phy_db_2_linear(u8 power_db)
> > > u8 i, j;
> > > u64 linear;
> > >
> > > + if (power_db > 96)
> > > + power_db = 96;
> > > + else if (power_db < 1)
> > > + power_db = 1;
> >
> > I think it's "return 1" here.
>
> Ehh, I missed that in your comment. However 'return 1' changes
> the output of rtw_phy_db_2_linear() quite substantially
> as the smallest value (for power_db = 1) from db_invert_table[][]
> is 10. I'll post v2 patch, but please double check it's indeed
> correct logic. Thanks.
>

I think "return 1" is correct because 0 is not in domain 1~96.
And indeed anything to the power of zero is 1.
Thanks.

Yan-Hsuan