Received: by 10.223.185.116 with SMTP id b49csp336914wrg;
        Thu, 15 Feb 2018 23:07:44 -0800 (PST)
X-Google-Smtp-Source: AH8x225RwwBqMWAs+3Xm35NRiwEJdwuiWGXoWbWIfIyEObiXnC5i2iBtzJs8u5aKBI0ja+k0JFbk
X-Received: by 10.99.125.74 with SMTP id m10mr4510852pgn.354.1518764864524;
        Thu, 15 Feb 2018 23:07:44 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1518764864; cv=none;
        d=google.com; s=arc-20160816;
        b=Rhg/h6JiCuI6gST0ZuxVM9pzalrRF3UBJcye5nW0hB1OUkm/Fp/nn8I+CCQkOd0bry
         uddeA1T+fqxD675g2L6Ta9n7+tFJmcapJBiI7BpGHjSPygrcSv1nscJ9PY9vOwDdn9QF
         oeeRyQbIsepqcALCinMRNiQ5IRDfo2gB2EMW7k6tbphi2fWf5A5q6zrUUOCmIeCpkJpO
         i7wJyfhgrB3y3RzEofpRdVgmPEHJQ/w8qLfhEdTNWK4NhF98e3Q8qjWWz8zliumZYjAV
         rk6tyvPDEzApo0Y2FWJJhDHuFJWNhrf6TgwtbezMtjbav0UgDX2a2ZAeo7Z5ONOfaEsq
         GKpA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=MCrXoUWatcL/tt0Wkp7CVVG30HLeDNfdj/g9CyUnwCg=;
        b=Ct3VXdD1wVZXSnbiH2lv7Jh7YOjksLXRvVnttiZSK/f+zQMfPQucVVfEyGyySlgtPB
         G734HLhMyy1YScFG6WdoegW+GlUIDSYsZ7IlFdTG+oDo0afv9KpBIRPQS9rjVUN1KOXG
         8fZGkTyE/mx7Emw5Nbk4CZhuBVHM/Zxlebkk3VqHwXbWE14lzsUO5cahjoW6baEhljgo
         AcqWSdeb7mG+ENbkmy7+7wLNFBNGeZbwDBMc7vmijj9taRcpa8LAWgh3c0Lum821yfWm
         MIneDyrL7y89e6C4FzchfKgqnd0nhhGi6wyr760Mj0jm5WFF3DECM+KjCN9aN2eqgR0u
         2/7w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q10si2588265pgp.285.2018.02.15.23.07.29;
        Thu, 15 Feb 2018 23:07:44 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1425559AbeBOQMw (ORCPT <rfc822;kkdevenda@gmail.com> + 99 others);
        Thu, 15 Feb 2018 11:12:52 -0500
Received: from gateway24.websitewelcome.com ([192.185.50.66]:40428 "EHLO
        gateway24.websitewelcome.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1424433AbeBOQMt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 15 Feb 2018 11:12:49 -0500
Received: from cm15.websitewelcome.com (cm15.websitewelcome.com [100.42.49.9])
        by gateway24.websitewelcome.com (Postfix) with ESMTP id 59EB931AC
        for <linux-kernel@vger.kernel.org>; Thu, 15 Feb 2018 10:12:48 -0600 (CST)
Received: from gator4166.hostgator.com ([108.167.133.22])
        by cmsmtp with SMTP
        id mM9Qe4718mzEzmM9Qe5K7d; Thu, 15 Feb 2018 10:12:48 -0600
Received: from [189.175.4.238] (port=45690 helo=[192.168.1.66])
        by gator4166.hostgator.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
        (Exim 4.89_1)
        (envelope-from <garsilva@embeddedor.com>)
        id 1emM9P-003uyJ-UQ; Thu, 15 Feb 2018 10:12:48 -0600
Subject: Re: [PATCH v3 4/8] i2c: ov9650: use 64-bit arithmetic instead of
 32-bit
To:     Hans Verkuil <hverkuil@xs4all.nl>,
        Sakari Ailus <sakari.ailus@iki.fi>,
        "Gustavo A. R. Silva" <gustavo@embeddedor.com>
Cc:     Mauro Carvalho Chehab <mchehab@kernel.org>,
        linux-media@vger.kernel.org, linux-kernel@vger.kernel.org
References: <cover.1517929336.git.gustavo@embeddedor.com>
 <6f6fd607cf3428d6ab115f1deaa82c4963b170f1.1517929336.git.gustavo@embeddedor.com>
 <20180207215944.quwowjy52dclk7uc@valkosipuli.retiisi.org.uk>
 <3518830f-180c-2bf0-1319-eb4af8cc556f@embeddedor.com>
 <16032bbb-5063-4f94-bebd-3f512bed8199@xs4all.nl>
From:   "Gustavo A. R. Silva" <garsilva@embeddedor.com>
Message-ID: <46ae5358-0f35-55f2-b324-17d211a24aa1@embeddedor.com>
Date:   Thu, 15 Feb 2018 10:12:46 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <16032bbb-5063-4f94-bebd-3f512bed8199@xs4all.nl>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator4166.hostgator.com
X-AntiAbuse: Original Domain - vger.kernel.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - embeddedor.com
X-BWhitelist: no
X-Source-IP: 189.175.4.238
X-Source-L: No
X-Exim-ID: 1emM9P-003uyJ-UQ
X-Source: 
X-Source-Args: 
X-Source-Dir: 
X-Source-Sender: ([192.168.1.66]) [189.175.4.238]:45690
X-Source-Auth: garsilva@embeddedor.com
X-Email-Count: 27
X-Source-Cap: Z3V6aWRpbmU7Z3V6aWRpbmU7Z2F0b3I0MTY2Lmhvc3RnYXRvci5jb20=
X-Local-Domain: yes
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 02/15/2018 07:52 AM, Hans Verkuil wrote:
> On 08/02/18 17:39, Gustavo A. R. Silva wrote:
>> Hi Sakari,
>>
>> On 02/07/2018 03:59 PM, Sakari Ailus wrote:
>>> Hi Gustavo,
>>>
>>> On Tue, Feb 06, 2018 at 10:47:50AM -0600, Gustavo A. R. Silva wrote:
>>>> Add suffix ULL to constants 10000 and 1000000 in order to give the
>>>> compiler complete information about the proper arithmetic to use.
>>>> Notice that these constants are used in contexts that expect
>>>> expressions of type u64 (64 bits, unsigned).
>>>>
>>>> The following expressions:
>>>>
>>>> (u64)(fi->interval.numerator * 10000)
>>>> (u64)(iv->interval.numerator * 10000)
>>>> fiv->interval.numerator * 1000000 / fiv->interval.denominator
>>>>
>>>> are currently being evaluated using 32-bit arithmetic.
>>>>
>>>> Notice that those casts to u64 for the first two expressions are only
>>>> effective after such expressions are evaluated using 32-bit arithmetic,
>>>> which leads to potential integer overflows. So based on those casts, it
>>>> seems that the original intention of the code is to actually use 64-bit
>>>> arithmetic instead of 32-bit.
>>>>
>>>> Also, notice that once the suffix ULL is added to the constants, the
>>>> outer casts to u64 are no longer needed.
>>>>
>>>> Addresses-Coverity-ID: 1324146 ("Unintentional integer overflow")
>>>> Fixes: 84a15ded76ec ("[media] V4L: Add driver for OV9650/52 image sensors")
>>>> Fixes: 79211c8ed19c ("remove abs64()")
>>>> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
>>>> ---
>>>> Changes in v2:
>>>>    - Update subject and changelog to better reflect the proposed code changes.
>>>>    - Add suffix ULL to constants instead of casting variables.
>>>>    - Remove unnecessary casts to u64 as part of the code change.
>>>>    - Extend the same code change to other similar expressions.
>>>>
>>>> Changes in v3:
>>>>    - None.
>>>>
>>>>    drivers/media/i2c/ov9650.c | 9 +++++----
>>>>    1 file changed, 5 insertions(+), 4 deletions(-)
>>>>
>>>> diff --git a/drivers/media/i2c/ov9650.c b/drivers/media/i2c/ov9650.c
>>>> index e519f27..e716e98 100644
>>>> --- a/drivers/media/i2c/ov9650.c
>>>> +++ b/drivers/media/i2c/ov9650.c
>>>> @@ -1130,7 +1130,7 @@ static int __ov965x_set_frame_interval(struct ov965x *ov965x,
>>>>        if (fi->interval.denominator == 0)
>>>>            return -EINVAL;
>>>>    -    req_int = (u64)(fi->interval.numerator * 10000) /
>>>> +    req_int = fi->interval.numerator * 10000ULL /
>>>>            fi->interval.denominator;
>>>
>>> This has been addressed by your earlier patch "i2c: ov9650: fix potential integer overflow in
>>> __ov965x_set_frame_interval" I tweaked a little. It's not in media tree
>>> master yet.
>>>
>>
>> Yeah. Actually this patch is supposed to be an improved version of the one you mention. That is why this is version 3.
>>
>> Also, I wonder if the same issue you mention below regarding 32-bit ARM applies in this case too?
>>
>>>>          for (i = 0; i < ARRAY_SIZE(ov965x_intervals); i++) {
>>>> @@ -1139,7 +1139,7 @@ static int __ov965x_set_frame_interval(struct ov965x *ov965x,
>>>>            if (mbus_fmt->width != iv->size.width ||
>>>>                mbus_fmt->height != iv->size.height)
>>>>                continue;
>>>> -        err = abs((u64)(iv->interval.numerator * 10000) /
>>>> +        err = abs(iv->interval.numerator * 10000ULL /
>>>
>>> This and the chunk below won't work on e.g. 32-bit ARM. do_div(), please.
>>>
>>
>> Thanks for pointing this out.
>>
>>>>                    iv->interval.denominator - req_int);
>>>>            if (err < min_err) {
>>>>                fiv = iv;
>>>> @@ -1148,8 +1148,9 @@ static int __ov965x_set_frame_interval(struct ov965x *ov965x,
>>>>        }
>>>>        ov965x->fiv = fiv;
>>>>    -    v4l2_dbg(1, debug, &ov965x->sd, "Changed frame interval to %u us\n",
>>>> -         fiv->interval.numerator * 1000000 / fiv->interval.denominator);
>>>> +    v4l2_dbg(1, debug, &ov965x->sd, "Changed frame interval to %llu us\n",
>>>> +         fiv->interval.numerator * 1000000ULL /
>>>> +         fiv->interval.denominator);
>>
>> I wonder if do_div should be used for the code above?
> 
> Yes, do_div should be used.
>

I got it.

Thanks, Hans.
--
Gustavo