Coverity warns of an unintentional integer overflow
CID 120715 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
overflow_before_widen: Potentially overflowing expression ref_clk * sdm_byp_div
with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic,
and then used in a context that expects an expression of type unsigned long
(64 bits, unsigned).
To avoid overflow, cast either ref_clk or sdm_byp_div to type unsigned long.
263 vco_rate = ref_clk * sdm_byp_div;
Fix this and another possible overflow by casting ref_clk to unsigned long.
Cc: Rob Clark <[email protected]>
Cc: Sean Paul <[email protected]>
Cc: David Airlie <[email protected]>
Cc: Daniel Vetter <[email protected]>
Cc: Dmitry Baryshkov <[email protected]>
Cc: Abhinav Kumar <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Tim Gardner <[email protected]>
---
drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c b/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c
index 2da673a2add6..cfe4b30eb96d 100644
--- a/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c
+++ b/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c
@@ -260,7 +260,7 @@ static unsigned long dsi_pll_28nm_clk_recalc_rate(struct clk_hw *hw,
sdm_byp_div = FIELD(
dsi_phy_read(base + REG_DSI_28nm_PHY_PLL_SDM_CFG0),
DSI_28nm_PHY_PLL_SDM_CFG0_BYP_DIV) + 1;
- vco_rate = ref_clk * sdm_byp_div;
+ vco_rate = (unsigned long)ref_clk * sdm_byp_div;
} else {
/* sdm mode */
sdm_dc_off = FIELD(
@@ -274,7 +274,7 @@ static unsigned long dsi_pll_28nm_clk_recalc_rate(struct clk_hw *hw,
sdm_freq_seed = (sdm3 << 8) | sdm2;
DBG("sdm_freq_seed = %d", sdm_freq_seed);
- vco_rate = (ref_clk * (sdm_dc_off + 1)) +
+ vco_rate = ((unsigned long)ref_clk * (sdm_dc_off + 1)) +
mult_frac(ref_clk, sdm_freq_seed, BIT(16));
DBG("vco rate = %lu", vco_rate);
}
--
2.33.0
On 29/09/2021 20:51, Tim Gardner wrote:
> Coverity warns of an unintentional integer overflow
>
> CID 120715 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
> overflow_before_widen: Potentially overflowing expression ref_clk * sdm_byp_div
> with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic,
> and then used in a context that expects an expression of type unsigned long
> (64 bits, unsigned).
> To avoid overflow, cast either ref_clk or sdm_byp_div to type unsigned long.
> 263 vco_rate = ref_clk * sdm_byp_div;
>
> Fix this and another possible overflow by casting ref_clk to unsigned long.
Changing ref_clk from u32 to unsigned long would be a more simple and
elegant way of fixing this issue. Could you please update your patch?
>
> Cc: Rob Clark <[email protected]>
> Cc: Sean Paul <[email protected]>
> Cc: David Airlie <[email protected]>
> Cc: Daniel Vetter <[email protected]>
> Cc: Dmitry Baryshkov <[email protected]>
> Cc: Abhinav Kumar <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Cc: [email protected]
> Cc: [email protected]
> Signed-off-by: Tim Gardner <[email protected]>
> ---
> drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c b/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c
> index 2da673a2add6..cfe4b30eb96d 100644
> --- a/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c
> +++ b/drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c
> @@ -260,7 +260,7 @@ static unsigned long dsi_pll_28nm_clk_recalc_rate(struct clk_hw *hw,
> sdm_byp_div = FIELD(
> dsi_phy_read(base + REG_DSI_28nm_PHY_PLL_SDM_CFG0),
> DSI_28nm_PHY_PLL_SDM_CFG0_BYP_DIV) + 1;
> - vco_rate = ref_clk * sdm_byp_div;
> + vco_rate = (unsigned long)ref_clk * sdm_byp_div;
> } else {
> /* sdm mode */
> sdm_dc_off = FIELD(
> @@ -274,7 +274,7 @@ static unsigned long dsi_pll_28nm_clk_recalc_rate(struct clk_hw *hw,
> sdm_freq_seed = (sdm3 << 8) | sdm2;
> DBG("sdm_freq_seed = %d", sdm_freq_seed);
>
> - vco_rate = (ref_clk * (sdm_dc_off + 1)) +
> + vco_rate = ((unsigned long)ref_clk * (sdm_dc_off + 1)) +
> mult_frac(ref_clk, sdm_freq_seed, BIT(16));
> DBG("vco rate = %lu", vco_rate);
> }
>
--
With best wishes
Dmitry