2022-11-18 12:55:53

by Rasmus Villemoes

Subject: [PATCH] iio: addac: ad74413r: fix integer promotion bug in ad74413_get_input_current_offset()

The constant AD74413R_ADC_RESULT_MAX is defined via GENMASK, so its
type is "unsigned long".

Hence in the expression voltage_offset * AD74413R_ADC_RESULT_MAX,
voltage_offset is first promoted to unsigned long, and since it may be
negative, that results in a garbage value. For example, when range is
AD74413R_ADC_RANGE_5V_BI_DIR, voltage_offset is -2500 and
voltage_range is 5000, so the RHS of this assignment is, depending on
sizeof(long), either 826225UL or 3689348814709142UL, which after
truncation to int then results in either 826225 or 1972216214 being
the output from in_currentX_offset.

Casting to int avoids that promotion and results in the correct -32767
output.

Signed-off-by: Rasmus Villemoes <[email protected]>
---
drivers/iio/addac/ad74413r.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/iio/addac/ad74413r.c b/drivers/iio/addac/ad74413r.c
index 899bcd83f40b..e0e130ba9d3e 100644
--- a/drivers/iio/addac/ad74413r.c
+++ b/drivers/iio/addac/ad74413r.c
@@ -691,7 +691,7 @@ static int ad74413_get_input_current_offset(struct ad74413r_state *st,
if (ret)
return ret;

- *val = voltage_offset * AD74413R_ADC_RESULT_MAX / voltage_range;
+ *val = voltage_offset * (int)AD74413R_ADC_RESULT_MAX / voltage_range;

return IIO_VAL_INT;
}
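Review bot: the (int) cast on AD74413R_ADC_RESULT_MAX in the *val assignment carries the whole fix but has no comment, so it reads as redundant and could be dropped in a later cleanup; add a one-line comment stating that the constant is unsigned long and voltage_offset may be negative. The cast also only covers this one expression, so any other place that combines the constant with a signed value needs the same check. The commit message has no Fixes: tag naming the commit that introduced the expression.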
--
2.37.2
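The conversion described in the commit message above, reproduced as an added example that is not part of the original post or the driver. Fixed-width types stand in for the two possible sizes of unsigned long; the 0xFFFF mask value and the function names are assumptions made here (the value reproduces the figures quoted in the message).

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed mask value (16 bits set); it reproduces the figures in the message. */
#define RESULT_MAX_UL32 ((uint32_t)0xFFFF) /* stands in for a 32-bit unsigned long */
#define RESULT_MAX_UL64 ((uint64_t)0xFFFF) /* stands in for a 64-bit unsigned long */

/* Unfixed expression where unsigned long is 32 bits wide. */
int offset_unfixed_ul32(int voltage_offset, int voltage_range)
{
    /* Both int operands are converted to uint32_t: -2500 becomes 4294964796. */
    uint32_t rhs = voltage_offset * RESULT_MAX_UL32 / voltage_range;

    return (int)rhs;
}

/* Unfixed expression where unsigned long is 64 bits wide. */
int offset_unfixed_ul64(int voltage_offset, int voltage_range)
{
    /* Both int operands are converted to uint64_t before the arithmetic. */
    uint64_t rhs = voltage_offset * RESULT_MAX_UL64 / voltage_range;

    /* Storing into an int result keeps only the low 32 bits. */
    return (int)(uint32_t)rhs;
}

/* Patched expression: the cast keeps every operand a signed int. */
int offset_fixed(int voltage_offset, int voltage_range)
{
    return voltage_offset * (int)RESULT_MAX_UL64 / voltage_range;
}

int main(void)
{
    /* Constructed inputs: the 5V bidirectional case from the commit message. */
    int off = -2500, range = 5000;

    printf("unfixed, 32-bit unsigned long: %d\n", offset_unfixed_ul32(off, range));
    printf("unfixed, 64-bit unsigned long: %d\n", offset_unfixed_ul64(off, range));
    printf("with (int) cast:               %d\n", offset_fixed(off, range));
    return 0;
}
```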



2022-11-18 13:36:55

by Nuno Sa

Subject: RE: [PATCH] iio: addac: ad74413r: fix integer promotion bug in ad74413_get_input_current_offset()

> From: Rasmus Villemoes <[email protected]>
> Sent: Friday, November 18, 2022 1:32 PM
> To: Tanislav, Cosmin <[email protected]>; Lars-Peter Clausen
> <[email protected]>; Hennerich, Michael <[email protected]>;
> Jonathan Cameron <[email protected]>
> Cc: Rasmus Villemoes <[email protected]>; linux-
> [email protected]; [email protected]
> Subject: [PATCH] iio: addac: ad74413r: fix integer promotion bug in
> ad74413_get_input_current_offset()
>
> [External]
>
> The constant AD74413R_ADC_RESULT_MAX is defined via GENMASK, so its
> type is "unsigned long".
>
> Hence in the expression voltage_offset * AD74413R_ADC_RESULT_MAX,
> voltage_offset is first promoted to unsigned long, and since it may be
> negative, that results in a garbage value. For example, when range is
> AD74413R_ADC_RANGE_5V_BI_DIR, voltage_offset is -2500 and
> voltage_range is 5000, so the RHS of this assignment is, depending on
> sizeof(long), either 826225UL or 3689348814709142UL, which after
> truncation to int then results in either 826225 or 1972216214 being
> the output from in_currentX_offset.
>
> Casting to int avoids that promotion and results in the correct -32767
> output.
>
> Signed-off-by: Rasmus Villemoes <[email protected]>
> ---

After adding proper Fixes: tag,

Reviewed-by: Nuno Sá <[email protected]>

2022-11-18 13:45:46

by Rasmus Villemoes

Subject: Re: [PATCH] iio: addac: ad74413r: fix integer promotion bug in ad74413_get_input_current_offset()

On 18/11/2022 14.17, Sa, Nuno wrote:

>> Casting to int avoids that promotion and results in the correct -32767
>> output.
>>
>> Signed-off-by: Rasmus Villemoes <[email protected]>
>> ---
>
> After adding proper Fixes: tag,
>
> Reviewed-by: Nuno Sá <[email protected]>

That would be

Fixes: fea251b6a5db (iio: addac: add AD74413R driver)

Thanks,
Rasmus


2022-11-23 20:52:39

by Jonathan Cameron

Subject: Re: [PATCH] iio: addac: ad74413r: fix integer promotion bug in ad74413_get_input_current_offset()

On Fri, 18 Nov 2022 14:29:23 +0100
Rasmus Villemoes <[email protected]> wrote:

> On 18/11/2022 14.17, Sa, Nuno wrote:
>
> >> Casting to int avoids that promotion and results in the correct -32767
> >> output.
> >>
> >> Signed-off-by: Rasmus Villemoes <[email protected]>
> >> ---
> >
> > After adding proper Fixes: tag,
> >
> > Reviewed-by: Nuno Sá <[email protected]>
>
> That would be
>
> Fixes: fea251b6a5db (iio: addac: add AD74413R driver)
>
Applied to the togreg branch of iio.git (as very late in cycle)
and marked for stable.

Thanks,

Jonathan

> Thanks,
> Rasmus
>