From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-ot1-f47.google.com (mail-ot1-f47.google.com [209.85.210.47])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E3F7340DFBE
	for <linux-kernel@vger.kernel.org>; Sat,  2 May 2026 02:38:49 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.47
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1777689531; cv=none; b=haETgWXpvJwGEZA8E/aPPgF024cSJdbtPGyxDy0tUd4Py5sDC01PmjWuTxAk6rPaCGnmQjal7wSTyniLcJQ49eHl4W4eMRAdUNDKnbdL/MWoetXcPq48KINV+Yh16vu3d8BljLp4+ecyoimT+YVYgZldmnE1rvPk1SBh296okvw=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1777689531; c=relaxed/simple;
	bh=fP2IrNZRFDG5V49iaYh/E8kr6Irg3C/V52/GNN5J7XQ=;
	h=Mime-Version:Content-Type:Date:Message-Id:To:Cc:Subject:From:
	 References:In-Reply-To; b=TGNFMArIVHenHjti7QIaVYv2oghfpRb8AguZGRqk26YBVCZ2ikNR8KNBx7wYKQ3o+/FGVOZRQtutzdVNeKjloDarb+R9GzpnxAooZBasSlgMlaQwRX+v6tJgYcjGspfwGZAlfcarwu2SoMpKqgcLtGVhT5ICvGg3ABt5PYUtBS8=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=VICwgN7q; arc=none smtp.client-ip=209.85.210.47
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="VICwgN7q"
Received: by mail-ot1-f47.google.com with SMTP id 46e09a7af769-7d1872504cbso2050352a34.0
        for <linux-kernel@vger.kernel.org>; Fri, 01 May 2026 19:38:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1777689529; x=1778294329; darn=vger.kernel.org;
        h=in-reply-to:references:from:subject:cc:to:message-id:date
         :content-transfer-encoding:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=2lvWB/srBaK64EFjXhd2HhnzAD5E/LnopMmKAbRz5mE=;
        b=VICwgN7qQo6qR2B4i+qY/0rMaVdA+tD9t9/XzQnu0KBNRYYo6Go334I6MEaZt2Rvox
         pK9zNVPtQNZEeZORI1emXzo9GKLEnWmHtIWEADyuIzs+vIydsyzxj2q7XHr7YG5PyoYF
         w5k58MH6udQinFG9G2maX1OwzgXpjVcloao/2BtGpw3FlpX51jaK+Y+HLAJ9iY+1Oky9
         RI+AWFJYWArzoxqvS02MadRu5BgPZDtoInMb95IyoY7mTwPulOFy3XvPoXNjs7VUY7db
         zkZ1kNZ+y99zGeyJVq/JvV76hgTL/0J+LAIB+Aj4jEgsRys8Ty2JEPQoFlyydqaL9gRe
         DlVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1777689529; x=1778294329;
        h=in-reply-to:references:from:subject:cc:to:message-id:date
         :content-transfer-encoding:mime-version:x-gm-gg:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=2lvWB/srBaK64EFjXhd2HhnzAD5E/LnopMmKAbRz5mE=;
        b=qQHrZ3dnxkCkpmVJYBMtanoJ/7uC5okYEgALv8+e7M5MVbfKGWHTfqQB8Gck6J/GxL
         PXyj/2bfdRUihw31UVZ05iHFi7YpjjOFVKCb1EvU8m68YVxttMYCULgxD6V30sR3k4VH
         W30lkzTMXTEGBqOnJxAhYmSWf8QkayWR/qU0uKIgiZZmSkA+vxqglQ9vM9xaqQ2tR07O
         RlSZF+Xr8LoMwZqRIVK83QRd8sdYPpcaiGOpHwizOAU88S78aNorxv7cuLuNdXKr2gc/
         qdd3hxErL1WeDSuH7X94KJGKIICKENMVc+eqLet1qptChp0WPJ0Kj/zyYOiDHvZyn10n
         tPrw==
X-Forwarded-Encrypted: i=1; AFNElJ9hmPtV2O9cJniA6xx3+NcweENtHCFjL4I6SYizi3DG1IfB1WXTO8PIcLOCtMnkeYGnaVWCfOr2kj6YKTY=@vger.kernel.org
X-Gm-Message-State: AOJu0YwegwB9r1Z7nFkDjA3uPsNDj4neaQbSp9BAs8/H6ir1lqi7Jq6a
	C/AIttR42iK1DrAV4Y+2kfFkKDiL9qka5ANflHTi6IjTDVuD7zgdcCTk
X-Gm-Gg: AeBDievkLzcY3aP+a3vUzy6YSMUPqUyNzWftKhe5CEyuJXvcdeMYubbjCZVh03YPEeK
	pH5hBGrQjm0QScbgdCyp+7A41c6AQbWY4hz0N1emG7HvRAzb+lLkDQAvSgbNU6ykczJND9ZTqH5
	1RVftxLN0T4z1usYslAGJaN0r0Dcvn1M0K06qeZmKyTK9zdi5ylP6ED6X79PMy9iXACd2Mn7mKZ
	AZq4DHhBbU6T9Ts3BUvGQJw8Eh8iDVZu6dsSOvQUWKUeF1EdY7YAoDOoseWxVKc7WAQbyrt6jSl
	ugOAHk7cK3oUu562N6nGtNXKvL561NgT5rMEsUgJkvYEsdUICfn4a6+0xqWAxaOPtZu2F6VzWaT
	qDjXsek2lSw6Q9q8pBcq1i91kNVGJCknxvLjRiZd/SYcti1gLqF2IAxoa4V0B4/qaoMK78zaOcC
	COQZZfDKBz927xJ/j1uyHXaAbjBEDHd4n0cn/UewdXtk5thfaWeK36s6evGNV7
X-Received: by 2002:a05:6830:6dd0:b0:7db:d6c8:a21a with SMTP id 46e09a7af769-7debe2c92c5mr3625148a34.3.1777689528891;
        Fri, 01 May 2026 19:38:48 -0700 (PDT)
Received: from localhost (23-88-128-2.fttp.usinternet.com. [23.88.128.2])
        by smtp.gmail.com with ESMTPSA id 46e09a7af769-7deca80d5b7sm3179928a34.9.2026.05.01.19.38.48
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Fri, 01 May 2026 19:38:48 -0700 (PDT)
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
Date: Fri, 01 May 2026 21:38:47 -0500
Message-Id: <DI7UCEXCZ8I9.1TAZ7QADQCTR5@gmail.com>
To: "Joshua Crofts" <joshua.crofts1@gmail.com>, "Maxwell Doose"
 <m32285159@gmail.com>
Cc: "Felix Gu" <ustc.gu@gmail.com>, "Jonathan Cameron" <jic23@kernel.org>,
 "David Lechner" <dlechner@baylibre.com>, =?utf-8?q?Nuno_S=C3=A1?=
 <nuno.sa@analog.com>, "Andy Shevchenko" <andy@kernel.org>, "Lars-Peter
 Clausen" <lars@metafoo.de>, "Arnaud Pouliquen" <arnaud.pouliquen@st.com>,
 "Mark Brown" <broonie@kernel.org>, <linux-iio@vger.kernel.org>,
 <linux-kernel@vger.kernel.org>, "sashiko" <sashiko-bot@kernel.org>
Subject: Re: [PATCH v2] iio: buffer: hw-consumer: fix use-after-free in
 error path
From: "Maxwell Doose" <m32285159@gmail.com>
X-Mailer: aerc 0.21.0-0-g5549850facc2
References: <20260430-iio-buf-v2-1-84c2231dea5e@gmail.com>
 <CALoEA-zC9je3xsq0+dqG5b-EiVM1DiKbgAT8JvtALsNwLpp=ZQ@mail.gmail.com>
 <DI7GHSFZGAL4.1EFUSTVRKWUBU@gmail.com>
 <CALoEA-zDzhLwgDp6-815xorrXoF=qrfBN=WSdLhar2Cgpaqv9g@mail.gmail.com>
In-Reply-To: <CALoEA-zDzhLwgDp6-815xorrXoF=qrfBN=WSdLhar2Cgpaqv9g@mail.gmail.com>

On Fri May 1, 2026 at 2:40 PM CDT, Joshua Crofts wrote:
> =E2=81=B7
>
> On Fri, 1 May 2026 at 17:47, Maxwell Doose <m32285159@gmail.com> wrote:
>
>> I think one of the issues raised by sashiko has an active patch:
>>
>> https://lore.kernel.org/linux-iio/20260427-iio_buf-v1-1-2bbdac844647@gma=
il.com/
>>
>> and I think they were waiting for Nuno to review it, since they noted
>> they were on a "wild goose chase". Thus the only issue raised by sashiko
>> that would still need a patch would be the OOB issue, but I haven't
>> looked at its explaination thoroughly to see if it's hallucinating.
>>
>> Anyways this one should still be good to merge.
>>
> Yeah this is good to merge, I was only pointing out that
> Sashiko reported additional errors (unrelated to this patch,
> it seems to keep finding more issues with the driver).

Also, if anybody feels strongly about the OOB issue that sashiko raised
in iio_hw_consumer_alloc(), you can probably add something like:

	if (chan->channel->scan_index < 0)
		continue;

but I feel at that point if that even happens there's something else
seriously wrong. But it might be a good idea to add that check anyways,
better safe than sorry. Not to mention, since this is a public function,
we need to code far more defensively.

best regards,
maxwell