diff mbox series

acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block()

Message ID 20240827101239.22020-1-amishin@t-argos.ru (mailing list archive)
State New, archived
Headers show
Series acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() | expand

Commit Message

Aleksandr Mishin Aug. 27, 2024, 10:12 a.m. UTC
In case of error in gtdt_parse_timer_block() invalid 'gtdt_frame'
will be used in 'do {} while (i-- >= 0 && gtdt_frame--);' statement block
because do{} block will be executed even if 'i == 0'.

Adjust error handling procedure by replacing 'i-- >= 0' with 'i-- > 0'.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: a712c3ed9b8a ("acpi/arm64: Add memory-mapped timer support in GTDT driver")
Signed-off-by: Aleksandr Mishin <amishin@t-argos.ru>
---
 drivers/acpi/arm64/gtdt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Hanjun Guo Aug. 29, 2024, 1:52 p.m. UTC | #1
On 2024/8/27 18:12, Aleksandr Mishin wrote:
> In case of error in gtdt_parse_timer_block() invalid 'gtdt_frame'
> will be used in 'do {} while (i-- >= 0 && gtdt_frame--);' statement block
> because do{} block will be executed even if 'i == 0'.
> 
> Adjust error handling procedure by replacing 'i-- >= 0' with 'i-- > 0'.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Fixes: a712c3ed9b8a ("acpi/arm64: Add memory-mapped timer support in GTDT driver")
> Signed-off-by: Aleksandr Mishin <amishin@t-argos.ru>
> ---
>   drivers/acpi/arm64/gtdt.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/acpi/arm64/gtdt.c b/drivers/acpi/arm64/gtdt.c
> index c0e77c1c8e09..eb6c2d360387 100644
> --- a/drivers/acpi/arm64/gtdt.c
> +++ b/drivers/acpi/arm64/gtdt.c
> @@ -283,7 +283,7 @@ static int __init gtdt_parse_timer_block(struct acpi_gtdt_timer_block *block,
>   		if (frame->virt_irq > 0)
>   			acpi_unregister_gsi(gtdt_frame->virtual_timer_interrupt);
>   		frame->virt_irq = 0;
> -	} while (i-- >= 0 && gtdt_frame--);
> +	} while (i-- > 0 && gtdt_frame--);

Good catch,

Acked-by: Hanjun Guo <guohanjun@huawei.com>

It's a fix in the error path, so I think it's OK for next release cycle.

Thanks
Hanjun
Sudeep Holla Aug. 29, 2024, 4:17 p.m. UTC | #2
On Tue, Aug 27, 2024 at 01:12:39PM +0300, Aleksandr Mishin wrote:
> In case of error in gtdt_parse_timer_block() invalid 'gtdt_frame'
> will be used in 'do {} while (i-- >= 0 && gtdt_frame--);' statement block
> because do{} block will be executed even if 'i == 0'.
> 
> Adjust error handling procedure by replacing 'i-- >= 0' with 'i-- > 0'.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>

(For some reason I don't see the original email in my inbox, might have
got blocked 
Sudeep Holla Aug. 29, 2024, 4:24 p.m. UTC | #3
On Thu, Aug 29, 2024 at 05:17:44PM +0100, Sudeep Holla wrote:
> On Tue, Aug 27, 2024 at 01:12:39PM +0300, Aleksandr Mishin wrote:
> > In case of error in gtdt_parse_timer_block() invalid 'gtdt_frame'
> > will be used in 'do {} while (i-- >= 0 && gtdt_frame--);' statement block
> > because do{} block will be executed even if 'i == 0'.
> > 
> > Adjust error handling procedure by replacing 'i-- >= 0' with 'i-- > 0'.
> > 
> > Found by Linux Verification Center (linuxtesting.org) with SVACE.
> >
> 
> (For some reason I don't see the original email in my inbox, might have
> got blocked 
diff mbox series

Patch

diff --git a/drivers/acpi/arm64/gtdt.c b/drivers/acpi/arm64/gtdt.c
index c0e77c1c8e09..eb6c2d360387 100644
--- a/drivers/acpi/arm64/gtdt.c
+++ b/drivers/acpi/arm64/gtdt.c
@@ -283,7 +283,7 @@  static int __init gtdt_parse_timer_block(struct acpi_gtdt_timer_block *block,
 		if (frame->virt_irq > 0)
 			acpi_unregister_gsi(gtdt_frame->virtual_timer_interrupt);
 		frame->virt_irq = 0;
-	} while (i-- >= 0 && gtdt_frame--);
+	} while (i-- > 0 && gtdt_frame--);
 
 	return -EINVAL;
 }