2019-09-14 14:51:08

by Dan Carpenter

Subject: drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.

tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git master
head: a7f89616b7376495424f682b6086e0c391a89a1d
commit: df0566a641f959108c152be748a0a58794280e0e drm/i915: move modesetting core code under display/
date: 3 months ago

If you fix the issue, kindly add following tag
Reported-by: kbuild test robot <[email protected]>
Reported-by: Dan Carpenter <[email protected]>

New smatch warnings:
drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.
drivers/gpu/drm/i915/display/intel_display.c:16328 intel_sanitize_encoder() error: we previously assumed 'crtc' could be null (see line 16318)

git remote add linus https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git
git remote update linus
git checkout df0566a641f959108c152be748a0a58794280e0e
vim +/color_plane +3934 drivers/gpu/drm/i915/display/intel_display.c

b3cf5c06ca5001 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-25 3926
df79cf44191029 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-11 3927 u32 skl_plane_stride(const struct intel_plane_state *plane_state,
5d2a19507cb665 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-07 3928 int color_plane)
d21967740f4b7d drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2016-01-28 3929 {
df79cf44191029 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-11 3930 const struct drm_framebuffer *fb = plane_state->base.fb;
df79cf44191029 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-11 3931 unsigned int rotation = plane_state->base.rotation;
5d2a19507cb665 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-07 3932 u32 stride = plane_state->color_plane[color_plane].stride;
^^^^^^^^^^^
Out of bounds read?

1b500535c513ac drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2017-03-07 3933
5d2a19507cb665 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-07 @3934 if (color_plane >= fb->format->num_planes)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Tested too late.

1b500535c513ac drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2017-03-07 3935 return 0;
1b500535c513ac drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2017-03-07 3936
b3cf5c06ca5001 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-25 3937 return stride / skl_plane_stride_mult(fb, color_plane, rotation);
d21967740f4b7d drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2016-01-28 3938 }
d21967740f4b7d drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2016-01-28 3939

---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation


2019-09-16 08:16:24

by Jani Nikula

Subject: Re: drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.

On Sat, 14 Sep 2019, Dan Carpenter <[email protected]> wrote:
> tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git master
> head: a7f89616b7376495424f682b6086e0c391a89a1d
> commit: df0566a641f959108c152be748a0a58794280e0e drm/i915: move modesetting core code under display/
> date: 3 months ago
>
> If you fix the issue, kindly add following tag
> Reported-by: kbuild test robot <[email protected]>
> Reported-by: Dan Carpenter <[email protected]>
>
> New smatch warnings:
> drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.
> drivers/gpu/drm/i915/display/intel_display.c:16328 intel_sanitize_encoder() error: we previously assumed 'crtc' could be null (see line 16318)

Odd, what changed to provoke the warnings now? Or is the smatch test
new?

Anyway, Cc: Ville & intel-gfx.

BR,
Jani.


>
> git remote add linus https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git
> git remote update linus
> git checkout df0566a641f959108c152be748a0a58794280e0e
> vim +/color_plane +3934 drivers/gpu/drm/i915/display/intel_display.c
>
> b3cf5c06ca5001 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-25 3926
> df79cf44191029 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-11 3927 u32 skl_plane_stride(const struct intel_plane_state *plane_state,
> 5d2a19507cb665 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-07 3928 int color_plane)
> d21967740f4b7d drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2016-01-28 3929 {
> df79cf44191029 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-11 3930 const struct drm_framebuffer *fb = plane_state->base.fb;
> df79cf44191029 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-11 3931 unsigned int rotation = plane_state->base.rotation;
> 5d2a19507cb665 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-07 3932 u32 stride = plane_state->color_plane[color_plane].stride;
> ^^^^^^^^^^^
> Out of bounds read?
>
> 1b500535c513ac drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2017-03-07 3933
> 5d2a19507cb665 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-07 @3934 if (color_plane >= fb->format->num_planes)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Tested too late.
>
> 1b500535c513ac drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2017-03-07 3935 return 0;
> 1b500535c513ac drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2017-03-07 3936
> b3cf5c06ca5001 drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2018-09-25 3937 return stride / skl_plane_stride_mult(fb, color_plane, rotation);
> d21967740f4b7d drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2016-01-28 3938 }
> d21967740f4b7d drivers/gpu/drm/i915/intel_display.c Ville Syrjälä 2016-01-28 3939
>
> ---
> 0-DAY kernel test infrastructure Open Source Technology Center
> https://lists.01.org/pipermail/kbuild-all Intel Corporation

--
Jani Nikula, Intel Open Source Graphics Center

2019-09-16 12:48:49

by Ville Syrjälä

Subject: Re: drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.

On Mon, Sep 16, 2019 at 10:59:13AM +0300, Dan Carpenter wrote:
> On Mon, Sep 16, 2019 at 10:31:35AM +0300, Jani Nikula wrote:
> > On Sat, 14 Sep 2019, Dan Carpenter <[email protected]> wrote:
> > > tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git master
> > > head: a7f89616b7376495424f682b6086e0c391a89a1d
> > > commit: df0566a641f959108c152be748a0a58794280e0e drm/i915: move modesetting core code under display/
> > > date: 3 months ago
> > >
> > > If you fix the issue, kindly add following tag
> > > Reported-by: kbuild test robot <[email protected]>
> > > Reported-by: Dan Carpenter <[email protected]>
> > >
> > > New smatch warnings:
> > > drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.

The code looks fine to me. int color_plane is 0 or 1 so we know
the color_plane[] array has enough elements. But if
fb->num_planes==1 we don't actually want to look at color_plane[1].

> > > drivers/gpu/drm/i915/display/intel_display.c:16328 intel_sanitize_encoder() error: we previously assumed 'crtc' could be null (see line 16318)

If crtc_state!=NULL then crtc!=NULL. Looks safe to me.

> >
> > Odd, what changed to provoke the warnings now? Or is the smatch test
> > new?
> >
>
> It looks like the cross function DB is out of date slightly. Maybe
> because the file moved? On my system Smatch knows that color_plane is
> 0-1 and plane_state->color_plane[] is a two element array so it doesn't
> print the warning.
>
> This is just a sanity check which is never triggered. Should the sanity
> check be moved? What was originally intended? It's hard to say.
>
> regards,
> dan carpenter

--
Ville Syrjälä
Intel

2019-09-16 15:27:48

by Dan Carpenter

Subject: Re: drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.

On Mon, Sep 16, 2019 at 10:31:35AM +0300, Jani Nikula wrote:
> On Sat, 14 Sep 2019, Dan Carpenter <[email protected]> wrote:
> > tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git master
> > head: a7f89616b7376495424f682b6086e0c391a89a1d
> > commit: df0566a641f959108c152be748a0a58794280e0e drm/i915: move modesetting core code under display/
> > date: 3 months ago
> >
> > If you fix the issue, kindly add following tag
> > Reported-by: kbuild test robot <[email protected]>
> > Reported-by: Dan Carpenter <[email protected]>
> >
> > New smatch warnings:
> > drivers/gpu/drm/i915/display/intel_display.c:3934 skl_plane_stride() error: testing array offset 'color_plane' after use.
> > drivers/gpu/drm/i915/display/intel_display.c:16328 intel_sanitize_encoder() error: we previously assumed 'crtc' could be null (see line 16318)
>
> Odd, what changed to provoke the warnings now? Or is the smatch test
> new?
>

It looks like the cross function DB is out of date slightly. Maybe
because the file moved? On my system Smatch knows that color_plane is
0-1 and plane_state->color_plane[] is a two element array so it doesn't
print the warning.

This is just a sanity check which is never triggered. Should the sanity
check be moved? What was originally intended? It's hard to say.

regards,
dan carpenter
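
Added example (not part of any message in this thread and not i915 code): a reduced C model of the ordering smatch flagged in skl_plane_stride(), with the reported index-then-test order beside a test-then-index order. The struct, MAX_COLOR_PLANES, stride_mult_model() and the sample values are assumptions made for illustration; only the two-element array size comes from the thread.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_COLOR_PLANES 2 /* the thread says color_plane[] has two elements */

/* Simplified stand-in for intel_plane_state plus fb->format->num_planes. */
struct plane_state_model {
    struct { uint32_t stride; } color_plane[MAX_COLOR_PLANES];
    int num_planes; /* planes the framebuffer format actually uses */
};

/* Hypothetical divisor; the real skl_plane_stride_mult() is not shown above. */
static uint32_t stride_mult_model(int color_plane) { (void)color_plane; return 64; }

/* Order from the report: index first, test afterwards. In bounds only while
 * every caller passes 0 or 1, which this function does not enforce itself. */
uint32_t stride_use_then_check(const struct plane_state_model *ps, int color_plane)
{
    uint32_t stride = ps->color_plane[color_plane].stride;

    if (color_plane >= ps->num_planes)
        return 0;
    return stride / stride_mult_model(color_plane);
}

/* Reordered: reject an index outside the array or beyond the format's plane
 * count before the array is touched, so no caller contract is needed. */
uint32_t stride_check_then_use(const struct plane_state_model *ps, int color_plane)
{
    if (color_plane < 0 || color_plane >= MAX_COLOR_PLANES ||
        color_plane >= ps->num_planes)
        return 0;
    return ps->color_plane[color_plane].stride / stride_mult_model(color_plane);
}

int main(void)
{
    /* Constructed sample: single-plane format, slot 1 holds leftover data. */
    struct plane_state_model ps = { .color_plane = { {4096}, {1234} }, .num_planes = 1 };

    for (int i = 0; i < MAX_COLOR_PLANES; i++)
        printf("plane %d: %u %u\n", i, (unsigned)stride_use_then_check(&ps, i),
               (unsigned)stride_check_then_use(&ps, i));
    /* Only the reordered version may be called with an index past the array. */
    printf("plane 2: %u\n", (unsigned)stride_check_then_use(&ps, 2));
    return 0;
}
```

For indices 0 and 1 both orders return the same value, which matches the replies above: the early read stays inside the two-element array and its result is discarded when the plane is unused.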