>>> On 15.03.19 at 17:07, <andrew.coop...@citrix.com> wrote:
> On 07/03/2019 10:31, Jan Beulich wrote:
>> e820.c: In function ‘clip_to_limit’:
>> .../xen/include/asm/string.h:10:26: error: ‘__builtin_memmove’ offset [-16,
> -36] is out of the bounds [0, 20484] of
>> object ‘e820’ with type ‘struct e820map’ [-Werror=array-bounds]
>> 10 | #define memmove(d, s, n) __builtin_memmove(d, s, n)
>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~
>> e820.c:404:13: note: in expansion of macro ‘memmove’
>> 404 | memmove(&e820.map[i], &e820.map[i+1],
>> | ^~~~~~~
>> e820.c:36:16: note: ‘e820’ declared here
>> 36 | struct e820map e820;
>> | ^~~~
>>
>> While I can't see where the negative offsets would come from, converting
>> the loop index to unsigned type helps. Take the opportunity and also
>> convert several other local variables and copy_e820_map()'s second
>> parameter to unsigned int (and bool in one case).
>>
>> Reported-by: Charles Arnold <carn...@suse.com>
>> Signed-off-by: Jan Beulich <jbeul...@suse.com>
>
> Acked-by: Andrew Cooper <andrew.coop...@citrix.com>, with one request.
Thanks.
>> --- a/xen/arch/x86/e820.c
>> +++ b/xen/arch/x86/e820.c
>> @@ -304,7 +300,7 @@ int __init sanitize_e820_map(struct e820
>> * thinkpad 560x, for example, does not cooperate with the memory
>> * detection code.)
>> */
>> -static int __init copy_e820_map(struct e820entry * biosmap, int nr_map)
>> +static int __init copy_e820_map(struct e820entry * biosmap, unsigned int
>> nr_map)
>> {
>> /* Only one memory region (or negative)? Ignore it */
>
> This comment is now stale. I'd just drop the bit in brackets.
Sure, will do.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
