[PATCH RFC] arm64/scs: Fix potential sign extension issue of advance_loc4
Catalin Marinas
catalin.marinas at arm.com
Wed Apr 15 03:48:03 PDT 2026
On Mon, Apr 13, 2026 at 05:54:59PM +0800, Wentao Guan wrote:
> The expressions (*opcode++ << 24) and exp * code_alignment_factor
> may overflow signed int and become negative.
>
> Fix this by casting each byte to u64 before shifting. Also fix
> the misaligned break statement while we are here.
>
> Example of the result can be seen here:
> Link: https://godbolt.org/z/zhY8d3595
>
> It may not be a real problem, but could be an issue in the future.
>
> Fixes: d499e9627d70 ("arm64/scs: Fix handling of advance_loc4")
> Signed-off-by: Wentao Guan <guanwentao at uniontech.com>
> ---
> arch/arm64/kernel/pi/patch-scs.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/arm64/kernel/pi/patch-scs.c b/arch/arm64/kernel/pi/patch-scs.c
> index dac568e4a54f2..3944ad899021c 100644
> --- a/arch/arm64/kernel/pi/patch-scs.c
> +++ b/arch/arm64/kernel/pi/patch-scs.c
> @@ -196,9 +196,9 @@ static int scs_handle_fde_frame(const struct eh_frame *frame,
> loc += *opcode++ * code_alignment_factor;
> loc += (*opcode++ << 8) * code_alignment_factor;
> loc += (*opcode++ << 16) * code_alignment_factor;
> - loc += (*opcode++ << 24) * code_alignment_factor;
> + loc += ((u64)*opcode++ << 24) * code_alignment_factor;
> size -= 4;
> - break;
> + break;
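Review bot: the cast is applied only to the `<< 24` term, which is the one that can reach the sign bit of a promoted int; the `<< 8` and `<< 16` lines above it keep the unchanged int arithmetic. That is enough to stop the negative intermediate being sign-extended when it is multiplied by code_alignment_factor, but it leaves the four lines of the same sequence with two different types, which is easy to get wrong in a later edit. Consider giving all four bytes the same `(u64)` cast, or assembling the little-endian value into a single u64 first and multiplying by code_alignment_factor once, for example `loc += (u64)le32_value * code_alignment_factor;` with a short comment saying why the widening is needed. The whitespace-only `break;` realignment is fine to carry in this patch since the commit message calls it out.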
The fix makes sense. I'll queue it at -rc1.
Thanks.
--
Catalin