From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5A1C5C4332F
	for <linux-kernel@archiver.kernel.org>; Wed, 23 Nov 2022 06:58:13 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236173AbiKWG6K (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Wed, 23 Nov 2022 01:58:10 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52724 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236160AbiKWG6G (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 23 Nov 2022 01:58:06 -0500
Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6903A623B0
        for <linux-kernel@vger.kernel.org>; Tue, 22 Nov 2022 22:58:00 -0800 (PST)
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512)
        (No client certificate requested)
        by smtp-out1.suse.de (Postfix) with ESMTPS id 20D3D220D5;
        Wed, 23 Nov 2022 06:57:59 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa;
        t=1669186679; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
         mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=M5TLWBIzeeRozCRS5KSeBivJwg8owil5kHnaFTAnff8=;
        b=hQ36XFy5IE9xHo4kTzePAIe+EXR8nZnOrTiz67qaXVdcf14LdTJWvoLXT8bObQrwOu11gJ
        HyOvZQVEbDDwV3KCU74VD7W7hHrnzyJw50KtEAbF7E4kjGgdV7pvkHexzemBGGa+HLsr5B
        Pm+UgygUr8iEGgt8/NKNPw9khA1qjJw=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;
        s=susede2_ed25519; t=1669186679;
        h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
         mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=M5TLWBIzeeRozCRS5KSeBivJwg8owil5kHnaFTAnff8=;
        b=EkvfiYHXC3gsq345qPjrl/iVmibUMkL5Qqm0AmKjTlKXmK0isGYkOLKCxjI9gqu3IPJ0dH
        MB+17yy0pQ8ciWDQ==
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512)
        (No client certificate requested)
        by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id EE8E413A37;
        Wed, 23 Nov 2022 06:57:58 +0000 (UTC)
Received: from dovecot-director2.suse.de ([192.168.254.65])
        by imap2.suse-dmz.suse.de with ESMTPSA
        id CuZvOXbEfWOERgAAMHmgww
        (envelope-from <tiwai@suse.de>); Wed, 23 Nov 2022 06:57:58 +0000
Date:   Wed, 23 Nov 2022 07:57:59 +0100
Message-ID: <87k03m5f9k.wl-tiwai@suse.de>
From:   Takashi Iwai <tiwai@suse.de>
To:     Baisong Zhong <zhongbaisong@huawei.com>
Cc:     <linux-kernel@vger.kernel.org>, <alsa-devel@alsa-project.org>,
        <perex@perex.cz>, <tiwai@suse.com>
Subject: Re: [PATCH -next v2] ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT
In-Reply-To: <20221121111630.3119259-1-zhongbaisong@huawei.com>
References: <20221121111630.3119259-1-zhongbaisong@huawei.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/27.2 Mule/6.0
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 21 Nov 2022 12:16:30 +0100,
Baisong Zhong wrote:
> 
> Shifting signed 32-bit value by 31 bits is undefined, so changing
> significant bit to unsigned. The UBSAN warning calltrace like below:
> 
> UBSAN: shift-out-of-bounds in sound/core/seq/seq_clientmgr.c:509:22
> left shift of 1 by 31 places cannot be represented in type 'int'
> ...
> Call Trace:
>  <TASK>
>  dump_stack_lvl+0x8d/0xcf
>  ubsan_epilogue+0xa/0x44
>  __ubsan_handle_shift_out_of_bounds+0x1e7/0x208
>  snd_seq_deliver_single_event.constprop.21+0x191/0x2f0
>  snd_seq_deliver_event+0x1a2/0x350
>  snd_seq_kernel_client_dispatch+0x8b/0xb0
>  snd_seq_client_notify_subscription+0x72/0xa0
>  snd_seq_ioctl_subscribe_port+0x128/0x160
>  snd_seq_kernel_client_ctl+0xce/0xf0
>  snd_seq_oss_create_client+0x109/0x15b
>  alsa_seq_oss_init+0x11c/0x1aa
>  do_one_initcall+0x80/0x440
>  kernel_init_freeable+0x370/0x3c3
>  kernel_init+0x1b/0x190
>  ret_from_fork+0x1f/0x30
>  </TASK>
> 
> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Signed-off-by: Baisong Zhong <zhongbaisong@huawei.com>
> ---
> v2: update all SNDRV_SEQ_FILTER_* to 1U to keep consistent

Thanks, applied now.


Takashi