From: Dan Carpenter <dan.carpenter@linaro.org>
To: Ellen Pan <yunru.pan@amd.com>
Cc: amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org,
"SHANMUGAM, SRINIVASAN" <SRINIVASAN.SHANMUGAM@amd.com>
Subject: [bug report] drm/amdgpu: Introduce SRIOV critical regions v2 during VF init
Date: Wed, 22 Oct 2025 12:22:24 +0300 [thread overview]
Message-ID: <aPiiUG_y0k1iLFJd@stanley.mountain> (raw)
Hello Ellen Pan,
Commit 07009df6494d ("drm/amdgpu: Introduce SRIOV critical regions v2
during VF init") from Oct 7, 2025 (linux-next), leads to the
following Smatch static checker warning:
drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c:950 amdgpu_virt_init_critical_region()
warn: unsigned 'init_hdr_offset' is never less than zero.
drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c
937 int amdgpu_virt_init_critical_region(struct amdgpu_device *adev)
938 {
939 struct amd_sriov_msg_init_data_header *init_data_hdr = NULL;
940 uint32_t init_hdr_offset = adev->virt.init_data_header.offset;
941 uint32_t init_hdr_size = adev->virt.init_data_header.size_kb << 10;
942 uint64_t vram_size;
943 int r = 0;
944 uint8_t checksum = 0;
945
946 /* Skip below init if critical region version != v2 */
947 if (adev->virt.req_init_data_ver != GPU_CRIT_REGION_V2)
948 return 0;
949
--> 950 if (init_hdr_offset < 0) {
^^^^^^^^^^^^^^^
unsigned so it can't be less than zero.
951 dev_err(adev->dev, "Invalid init header offset\n");
952 return -EINVAL;
953 }
954
955 vram_size = RREG32(mmRCC_CONFIG_MEMSIZE);
956 if (!vram_size || vram_size == U32_MAX)
957 return -EINVAL;
958 vram_size <<= 20;
959
960 if ((init_hdr_offset + init_hdr_size) > vram_size) {
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Would we be concerned about integer overflows here? Should it be:
if (size_add(init_hdr_offset, init_hdr_size) > vram_size) {
961 dev_err(adev->dev, "init_data_header exceeds VRAM size, exiting\n");
962 return -EINVAL;
963 }
964
regards,
dan carpenter
reply other threads:[~2025-10-23 7:51 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aPiiUG_y0k1iLFJd@stanley.mountain \
--to=dan.carpenter@linaro.org \
--cc=SRINIVASAN.SHANMUGAM@amd.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=dri-devel@lists.freedesktop.org \
--cc=yunru.pan@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox