git.baikalelectronics.ru Git - kernel.git/commit

author	Michel Thierry <michel.thierry@intel.com>
	Fri, 2 Oct 2015 13:16:53 +0000 (14:16 +0100)
committer	Daniel Vetter <daniel.vetter@ffwll.ch>
	Tue, 6 Oct 2015 12:15:29 +0000 (14:15 +0200)
commit	076377dd3f3b6cdcbf5c62eb5c665bc8fad0f565
tree	38f6cf4d6e1c22b367fe1e878b9068b6736eede7	tree \| snapshot
parent	cb6909275677e8078af067b40f972df9ad991ac3	commit \| diff

drm/i915: prevent out of range pt in the PDE macros (take 3)

We tried to fix this in commit b9f448e375c4 ("drm/i915: Prevent out of
range pt in gen6_for_each_pde").

But the static analyzer still complains that, just before we break due
to "iter < I915_PDES", we do "pt = (pd)->page_table[iter]" with an
iter value that is bigger than I915_PDES. Of course, this isn't really
a problem since no one uses pt outside the macro. Still, every single
new usage of the macro will create a new issue for us to mark as a
false positive.

Also, Paulo re-started the discussion a while ago [1], but didn't end up
implemented.

In order to "solve" this "problem", this patch takes the ideas from
Chris and Dave, but that check would change the desired behavior of the
code, because the object (for example pdp->page_directory[iter]) can be
null during init/alloc, and C would take this as false, breaking the for
loop immediately.

This has been already verified with "static analysis tools".

[1]http://lists.freedesktop.org/archives/intel-gfx/2015-June/068548.html

v2: Make it a single statement, while preventing the common subexpression
elimination (Chris)

Cc: Paulo Zanoni <paulo.r.zanoni@intel.com>
Cc: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Dave Gordon <david.s.gordon@intel.com>
Signed-off-by: Michel Thierry <michel.thierry@intel.com>
Reviewed-by: Chris Wilson <chris@chris-wilson.co.uk>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>