Re: [PATCH] Input: penmount: bound packet buffer indices in IRQ path

Next message: fangyu . yu: "[PATCH 4/4] riscv: kexec: Switch to trampoline page table before norelocate"
Previous message: Giorgi Tchankvetadze: "Re: [PATCH] mm: mmap: add missing space after comma in vma_expand_up macro"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Andy Shevchenko

Date: Tue Mar 24 2026 - 08:18:46 EST

On Tue, Mar 24, 2026 at 10:29:50AM +0800, Pengpeng Hou wrote:
>
> This was found during static code analysis of the packet receive path.
>
> About the fix: my reasoning was that once pm->idx has already moved past
> the valid packet buffer state, the current partial packet is no longer
> usable, so the safest local recovery is to drop that stale state and
> resynchronize from the current byte. That is why I reset the index before
> storing the next byte.
>
> I did not choose to ignore the IRQ entirely because the interrupt has
> already delivered a byte, and simply returning without resetting the stale
> state would leave the parser in the same invalid condition for the next
> interrupt. Resetting the index seemed like the smallest change that both
> prevents the out-of-bounds write and lets the parser recover cleanly.

Good, (summary of) this should be in the commit message in the first place.

--
With Best Regards,
Andy Shevchenko