Received: by 2002:ac0:da4c:0:0:0:0:0 with SMTP id a12csp415342imi; Thu, 21 Jul 2022 03:46:14 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tI3DMAo0d+rSkKclwAny/x3watVlnEboLd5rEqtdByTc2PjjpkqCSN4Wu8PUr/6+CaLtdM X-Received: by 2002:a17:906:844b:b0:72b:54b9:b97d with SMTP id e11-20020a170906844b00b0072b54b9b97dmr41015733ejy.229.1658400373881; Thu, 21 Jul 2022 03:46:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658400373; cv=none; d=google.com; s=arc-20160816; b=kIVlRp9HBC7DF3xI4D6ZVK2DsukA+Ik8QjBDGzNUYausZGB8EoaNixHESaF2TK7+yI nlzTDeRXP7VH0BaeP9ixJQfXjkilYH+i/97JERQr7K81+xeT2tQH6kkcsW/3Kr83XZif fjs4ss6DdNcUyfoUz/j1s8/RpVhtFeRDnJGF4fzF7pFdAXVpZWCJmnomVoYxWBa9Glo1 EaBXbcsdud2aH3Ztv8XrH50dS4yx5d1d6+jYsdW2C1xpkqs5S7qiMNPHsJ9C8nbOCadk R9LVZ0d98qrZtFHLe4kSHNC2UcqUUe7ipwjtmj7RkpA6J94+vHTLrltIuPuKnowin/AA cicg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id; bh=8oZTzia/g2ZaOQGARn1d48iy4NaPtgbY3X77Cj2Q6N4=; b=YBnauKWA5kQS3KB0Np0Gp4Z17thaLblaqLU5ZBHNw20IdDPWpYu6Al1AlJkQuDgpej 523RPiKaYaTmtsu4Psffde5MgpoW6kbNUjtanDpFA4GNzpofjU6ybn8JyNXXTz2rUSUo z2QZwGC5y9TbhMZ4bDoLDHsXCHi6HxYplIIcTuOWgTDQdk3Do9vxZKkRFcyTLEXjlutp ISJCs6HDBstkVR7KJEZl4T57ye3zi7L/qZPOHptcXdZ+j9v5tu+2NYwzPEwGBUeL9c4p zioZh3z51kRTUImdJhNYcnvX+71ynAoL1ne0T4G/PRaJ3PbvEdggZevoqiIEaQ6AamdD 0oTw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gn14-20020a1709070d0e00b0072b2fbd78bcsi2366282ejc.665.2022.07.21.03.45.48; Thu, 21 Jul 2022 03:46:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232666AbiGUKak (ORCPT + 99 others); Thu, 21 Jul 2022 06:30:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57872 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232607AbiGUKai (ORCPT ); Thu, 21 Jul 2022 06:30:38 -0400 Received: from smtp.smtpout.orange.fr (smtp-20.smtpout.orange.fr [80.12.242.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7D27E10EF for ; Thu, 21 Jul 2022 03:30:36 -0700 (PDT) Received: from [192.168.1.18] ([90.11.190.129]) by smtp.orange.fr with ESMTPA id ETRwooD4R0UP7ETRwooLQW; Thu, 21 Jul 2022 12:30:34 +0200 X-ME-Helo: [192.168.1.18] X-ME-Auth: YWZlNiIxYWMyZDliZWIzOTcwYTEyYzlhMmU3ZiQ1M2U2MzfzZDfyZTMxZTBkMTYyNDBjNDJlZmQ3ZQ== X-ME-Date: Thu, 21 Jul 2022 12:30:34 +0200 X-ME-IP: 90.11.190.129 Message-ID: Date: Thu, 21 Jul 2022 12:30:32 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1 Subject: Re: [PATCH] ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() Content-Language: en-US To: Dan Carpenter Cc: alsa-devel@alsa-project.org, Banajit Goswami , Harshit Mogalapalli , linux-kernel@vger.kernel.org, kernel-janitors@vger.kernel.org, Takashi Iwai , Liam Girdwood , Mark Brown , Srinivas Kandagatla , Banajit Goswami References: <0fca3271649736053eb9649d87e1ca01b056be40.1658394124.git.christophe.jaillet@wanadoo.fr> <20220721100042.GL2338@kadam> From: Christophe JAILLET In-Reply-To: <20220721100042.GL2338@kadam> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Le 21/07/2022 à 12:00, Dan Carpenter a écrit : > On Thu, Jul 21, 2022 at 11:02:22AM +0200, Christophe JAILLET wrote: >> find_first_zero_bit() returns MAX_COPPS_PER_PORT at max here. >> So 'idx' should be tested with ">=" or the test can't match. >> >> Fixes: 7b20b2be51e1 ("ASoC: qdsp6: q6adm: Add q6adm driver") >> Signed-off-by: Christophe JAILLET >> --- >> sound/soc/qcom/qdsp6/q6adm.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/sound/soc/qcom/qdsp6/q6adm.c b/sound/soc/qcom/qdsp6/q6adm.c >> index 01f383888b62..1530e98df165 100644 >> --- a/sound/soc/qcom/qdsp6/q6adm.c >> +++ b/sound/soc/qcom/qdsp6/q6adm.c >> @@ -217,7 +217,7 @@ static struct q6copp *q6adm_alloc_copp(struct q6adm *adm, int port_idx) >> idx = find_first_zero_bit(&adm->copp_bitmap[port_idx], >> MAX_COPPS_PER_PORT); >> >> - if (idx > MAX_COPPS_PER_PORT) >> + if (idx >= MAX_COPPS_PER_PORT) >> return ERR_PTR(-EBUSY); > > Harshit asked me to write a Smatch check to prevent this bug in the > future. I got his email before I got your patch. :P Attached. Well, well, well... Easy to say afterwards. You got 58 mins to write it. :). > > sound/soc/qcom/qdsp6/q6adm.c:220 q6adm_alloc_copp() warn: impossible find_next_bit condition > > I'll probably try to make this check more generic, but even the simple > find_first_zero_bit() version will probably find bugs in the future and > it was pretty simple to write. You could add find_last_bit(), find_next_zero_bit_le() and find_next_bit_le(). > > regards, > dan carpenter > > A reduced version of mine was: @@ expression e1, e2; statement S; @@ ( * e1 = find_first_bit(...); | * e1 = find_last_bit(...); | [... snip ...] ) ... if (e1 > e2) S (and it takes only a few seconds to scan the whole kernel :) )