review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Rohit kumar <rohitkr@codeaurora.org>
	Tue, 11 Sep 2018 09:29:21 +0000 (14:59 +0530)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 20 Apr 2019 07:16:00 +0000 (09:16 +0200)
commit	7fcce1828e5f840e5c3f0301508052703ed9bb84
tree	fb36e27b7c674441e99a17b4eb4b9ac6747afdd4	tree \| snapshot
parent	4369f8a38085347d9cf78fe6261b1296f664132c	commit \| diff

ASoC: Fix UBSAN warning at snd_soc_get/put_volsw_sx()

[ Upstream commit ae7d1247d8673ebfd686b17e759d4be391165368 ]

In functions snd_soc_get_volsw_sx() or snd_soc_put_volsw_sx(),
if the result of (min + max) is negative, then fls() returns
signed integer with value as 32. This leads to signed integer
overflow as complete operation is considered as signed integer.

UBSAN: Undefined behaviour in sound/soc/soc-ops.c:382:50
signed integer overflow:
-2147483648 - 1 cannot be represented in type 'int'
Call trace:
[<ffffff852f746fe4>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffff852f746fe4>] dump_stack+0xec/0x158 lib/dump_stack.c:51
[<ffffff852f7b5f3c>] ubsan_epilogue+0x18/0x50 lib/ubsan.c:164
[<ffffff852f7b6840>] handle_overflow+0xf8/0x130 lib/ubsan.c:195
[<ffffff852f7b68f0>] __ubsan_handle_sub_overflow+0x34/0x44 lib/ubsan.c:211
[<ffffff85307971a0>] snd_soc_get_volsw_sx+0x1a8/0x1f8 sound/soc/soc-ops.c:382

Typecast the operation to unsigned int to fix the issue.

Signed-off-by: Rohit kumar <rohitkr@codeaurora.org>
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>