From 3413dc838fb2075779708d39c37acd60ba662c99 Mon Sep 17 00:00:00 2001
From: Igor Nabirushkin <inabirushkin@nvidia.com>
Date: Mon, 5 Aug 2013 19:16:27 +0400
Subject: misc: tegra-profiler: fix backtracing

check_vma_address function:
sometimes (rarely): address value may be overflowed.

Bug 1312406

Change-Id: I2073c264e78013591ddb343763f60ba920e04b90
Signed-off-by: Igor Nabirushkin <inabirushkin@nvidia.com>
Reviewed-on: http://git-master/r/258228
Reviewed-by: Andrey Trachenko <atrachenko@nvidia.com>
Reviewed-by: Automatic_Commit_Validation_User
Tested-by: Andrey Trachenko <atrachenko@nvidia.com>
GVS: Gerrit_Virtual_Submit
Reviewed-by: Bo Yan <byan@nvidia.com>
---
 drivers/misc/tegra-profiler/backtrace.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/misc/tegra-profiler/backtrace.c b/drivers/misc/tegra-profiler/backtrace.c
index dd7c67cded5a..ea68e98ae5a6 100644
--- a/drivers/misc/tegra-profiler/backtrace.c
+++ b/drivers/misc/tegra-profiler/backtrace.c
@@ -38,12 +38,14 @@ quadd_callchain_store(struct quadd_callchain *callchain_data, u32 ip)
 static int
 check_vma_address(unsigned long addr, struct vm_area_struct *vma)
 {
-	unsigned long start, end;
+	unsigned long start, end, length;
 
 	if (vma) {
 		start = vma->vm_start;
 		end = vma->vm_end;
-		if (addr >= start && addr + sizeof(unsigned long) <= end)
+		length = end - start;
+		if (length > sizeof(unsigned long) &&
+		    addr >= start && addr <= end - sizeof(unsigned long))
 			return 0;
 	}
 	return -EINVAL;
-- 
cgit v1.2.3