AMD-GFX Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [bug report] drm/amdgpu: Introduce SRIOV critical regions v2 during VF init
@ 2025-10-22  9:22 Dan Carpenter
  0 siblings, 0 replies; only message in thread
From: Dan Carpenter @ 2025-10-22  9:22 UTC (permalink / raw)
  To: Ellen Pan; +Cc: amd-gfx, dri-devel, SHANMUGAM, SRINIVASAN

Hello Ellen Pan,

Commit 07009df6494d ("drm/amdgpu: Introduce SRIOV critical regions v2
during VF init") from Oct 7, 2025 (linux-next), leads to the
following Smatch static checker warning:

	drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c:950 amdgpu_virt_init_critical_region()
	warn: unsigned 'init_hdr_offset' is never less than zero.

drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c
    937 int amdgpu_virt_init_critical_region(struct amdgpu_device *adev)
    938 {
    939         struct amd_sriov_msg_init_data_header *init_data_hdr = NULL;
    940         uint32_t init_hdr_offset = adev->virt.init_data_header.offset;
    941         uint32_t init_hdr_size = adev->virt.init_data_header.size_kb << 10;
    942         uint64_t vram_size;
    943         int r = 0;
    944         uint8_t checksum = 0;
    945 
    946         /* Skip below init if critical region version != v2 */
    947         if (adev->virt.req_init_data_ver != GPU_CRIT_REGION_V2)
    948                 return 0;
    949 
--> 950         if (init_hdr_offset < 0) {
                    ^^^^^^^^^^^^^^^
unsigned so it can't be less than zero.

    951                 dev_err(adev->dev, "Invalid init header offset\n");
    952                 return -EINVAL;
    953         }
    954 
    955         vram_size = RREG32(mmRCC_CONFIG_MEMSIZE);
    956         if (!vram_size || vram_size == U32_MAX)
    957                 return -EINVAL;
    958         vram_size <<= 20;
    959 
    960         if ((init_hdr_offset + init_hdr_size) > vram_size) {
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Would we be concerned about integer overflows here?  Should it be:

	if (size_add(init_hdr_offset, init_hdr_size) > vram_size) {

    961                 dev_err(adev->dev, "init_data_header exceeds VRAM size, exiting\n");
    962                 return -EINVAL;
    963         }
    964 

regards,
dan carpenter

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2025-10-23  7:51 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-10-22  9:22 [bug report] drm/amdgpu: Introduce SRIOV critical regions v2 during VF init Dan Carpenter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox