On Wed, 2018-07-04 at 11:13 +0200, Stefan Agner wrote: > The Tegra driver currently only support a single chip select, hence > check boundaries accordingly. This fixes a off by one issue catched > with Smatch: > drivers/mtd/nand/raw/tegra_nand.c:476 tegra_nand_select_chip() > warn: array off by one? 'nand->cs[die_nr]' > > Also warn in case the stack asks for a chip select we currently do > not support. > > Reported-by: Dan Carpenter <dan.carpenter at oracle.com> > Signed-off-by: Stefan Agner <stefan at agner.ch> > --- > drivers/mtd/nand/raw/tegra_nand.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/drivers/mtd/nand/raw/tegra_nand.c > b/drivers/mtd/nand/raw/tegra_nand.c > index 4daa88d814134..e65ef584df0b9 100644 > --- a/drivers/mtd/nand/raw/tegra_nand.c > +++ b/drivers/mtd/nand/raw/tegra_nand.c > @@ -468,7 +468,9 @@ static void tegra_nand_select_chip(struct > mtd_info *mtd, int die_nr) > struct tegra_nand_chip *nand = to_tegra_chip(chip); > struct tegra_nand_controller *ctrl = to_tegra_ctrl(chip- > >controller); > > - if (die_nr < 0 || die_nr > 1) { > + WARN_ON(die_nr >= ARRAY_SIZE(nand->cs)); Unfortunately, that has a tiny little issue as die_nr is a signed integer and ARRAY_SIZE of course is unsigned. While I could have sworn my shirt off that the compiler would have to promote this to signed this is not quite what happens and upon deselecting with -1 this warning gets triggered! I will send an updated patch explicitly casting the ARRAY_SIZE side to int as well shortly. > + > + if (die_nr < 0 || die_nr > 0) { > ctrl->cur_cs = -1; > return; > }