2018-07-04 01:36:01

by Gustavo A. R. Silva

[permalink] [raw]
Subject: [PATCH] drm/amd/display/dc/dce: Fix multiple potential integer overflows

Add suffix ULL to constant 5 and cast variables target_pix_clk_khz and
feedback_divider to uint64_t in order to avoid multiple potential integer
overflows and give the compiler complete information about the proper
arithmetic to use.

Notice that such constant and variables are used in contexts that
expect expressions of type uint64_t (64 bits, unsigned). The current
casts to uint64_t effectively apply to each expression as a whole,
but they do not prevent them from being evaluated using 32-bit
arithmetic instead of 64-bit arithmetic.

Also, once the expressions are properly evaluated using 64-bit
arithmentic, there is no need for the parentheses that enclose
them.

Addresses-Coverity-ID: 1460245 ("Unintentional integer overflow")
Addresses-Coverity-ID: 1460286 ("Unintentional integer overflow")
Addresses-Coverity-ID: 1460401 ("Unintentional integer overflow")
Fixes: 4562236b3bc0 ("drm/amd/dc: Add dc display driver (v2)")
Signed-off-by: Gustavo A. R. Silva <[email protected]>
---
drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c b/drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c
index 88b09dd..715d737 100644
--- a/drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c
+++ b/drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c
@@ -133,7 +133,7 @@ static bool calculate_fb_and_fractional_fb_divider(
uint64_t feedback_divider;

feedback_divider =
- (uint64_t)(target_pix_clk_khz * ref_divider * post_divider);
+ (uint64_t)target_pix_clk_khz * ref_divider * post_divider;
feedback_divider *= 10;
/* additional factor, since we divide by 10 afterwards */
feedback_divider *= (uint64_t)(calc_pll_cs->fract_fb_divider_factor);
@@ -145,8 +145,8 @@ static bool calculate_fb_and_fractional_fb_divider(
* of fractional feedback decimal point and the fractional FB Divider precision
* is 2 then the equation becomes (ullfeedbackDivider + 5*100) / (10*100))*/

- feedback_divider += (uint64_t)
- (5 * calc_pll_cs->fract_fb_divider_precision_factor);
+ feedback_divider += 5UL *
+ calc_pll_cs->fract_fb_divider_precision_factor;
feedback_divider =
div_u64(feedback_divider,
calc_pll_cs->fract_fb_divider_precision_factor * 10);
@@ -203,8 +203,8 @@ static bool calc_fb_divider_checking_tolerance(
&fract_feedback_divider);

/*Actual calculated value*/
- actual_calc_clk_khz = (uint64_t)(feedback_divider *
- calc_pll_cs->fract_fb_divider_factor) +
+ actual_calc_clk_khz = (uint64_t)feedback_divider *
+ calc_pll_cs->fract_fb_divider_factor +
fract_feedback_divider;
actual_calc_clk_khz *= calc_pll_cs->ref_freq_khz;
actual_calc_clk_khz =
--
2.7.4



2018-07-04 07:39:25

by Michel Dänzer

[permalink] [raw]
Subject: Re: [PATCH] drm/amd/display/dc/dce: Fix multiple potential integer overflows

On 2018-07-04 03:13 AM, Gustavo A. R. Silva wrote:
> Add suffix ULL to constant 5 and cast variables target_pix_clk_khz and
> feedback_divider to uint64_t in order to avoid multiple potential integer
> overflows and give the compiler complete information about the proper
> arithmetic to use.
>
> Notice that such constant and variables are used in contexts that
> expect expressions of type uint64_t (64 bits, unsigned). The current
> casts to uint64_t effectively apply to each expression as a whole,
> but they do not prevent them from being evaluated using 32-bit
> arithmetic instead of 64-bit arithmetic.
>
> Also, once the expressions are properly evaluated using 64-bit
> arithmentic, there is no need for the parentheses that enclose
> them.
>
> Addresses-Coverity-ID: 1460245 ("Unintentional integer overflow")
> Addresses-Coverity-ID: 1460286 ("Unintentional integer overflow")
> Addresses-Coverity-ID: 1460401 ("Unintentional integer overflow")
> Fixes: 4562236b3bc0 ("drm/amd/dc: Add dc display driver (v2)")
> Signed-off-by: Gustavo A. R. Silva <[email protected]>
>
> [...]
>
> @@ -145,8 +145,8 @@ static bool calculate_fb_and_fractional_fb_divider(
> * of fractional feedback decimal point and the fractional FB Divider precision
> * is 2 then the equation becomes (ullfeedbackDivider + 5*100) / (10*100))*/
>
> - feedback_divider += (uint64_t)
> - (5 * calc_pll_cs->fract_fb_divider_precision_factor);
> + feedback_divider += 5UL *
> + calc_pll_cs->fract_fb_divider_precision_factor;

This should be 5ULL, as the commit log says, otherwise it's still only
32 bits on 32-bit platforms.


--
Earthling Michel Dänzer | http://www.amd.com
Libre software enthusiast | Mesa and X developer

2018-07-04 13:15:35

by Gustavo A. R. Silva

[permalink] [raw]
Subject: Re: [PATCH] drm/amd/display/dc/dce: Fix multiple potential integer overflows

Hi Michel,

On 07/04/2018 02:38 AM, Michel Dänzer wrote:
> On 2018-07-04 03:13 AM, Gustavo A. R. Silva wrote:
>> Add suffix ULL to constant 5 and cast variables target_pix_clk_khz and
>> feedback_divider to uint64_t in order to avoid multiple potential integer
>> overflows and give the compiler complete information about the proper
>> arithmetic to use.
>>
>> Notice that such constant and variables are used in contexts that
>> expect expressions of type uint64_t (64 bits, unsigned). The current
>> casts to uint64_t effectively apply to each expression as a whole,
>> but they do not prevent them from being evaluated using 32-bit
>> arithmetic instead of 64-bit arithmetic.
>>
>> Also, once the expressions are properly evaluated using 64-bit
>> arithmentic, there is no need for the parentheses that enclose
>> them.
>>
>> Addresses-Coverity-ID: 1460245 ("Unintentional integer overflow")
>> Addresses-Coverity-ID: 1460286 ("Unintentional integer overflow")
>> Addresses-Coverity-ID: 1460401 ("Unintentional integer overflow")
>> Fixes: 4562236b3bc0 ("drm/amd/dc: Add dc display driver (v2)")
>> Signed-off-by: Gustavo A. R. Silva <[email protected]>
>>
>> [...]
>>
>> @@ -145,8 +145,8 @@ static bool calculate_fb_and_fractional_fb_divider(
>> * of fractional feedback decimal point and the fractional FB Divider precision
>> * is 2 then the equation becomes (ullfeedbackDivider + 5*100) / (10*100))*/
>>
>> - feedback_divider += (uint64_t)
>> - (5 * calc_pll_cs->fract_fb_divider_precision_factor);
>> + feedback_divider += 5UL *
>> + calc_pll_cs->fract_fb_divider_precision_factor;
>
> This should be 5ULL, as the commit log says, otherwise it's still only
> 32 bits on 32-bit platforms.
>

That's correct. Thanks for the report.

I'll send v2 shortly.

Thanks
--
Gustavo


2018-07-04 17:52:16

by Harry Wentland

[permalink] [raw]
Subject: Re: [PATCH] drm/amd/display/dc/dce: Fix multiple potential integer overflows



On 2018-07-04 03:38 AM, Michel Dänzer wrote:
> On 2018-07-04 03:13 AM, Gustavo A. R. Silva wrote:
>> Add suffix ULL to constant 5 and cast variables target_pix_clk_khz and
>> feedback_divider to uint64_t in order to avoid multiple potential integer
>> overflows and give the compiler complete information about the proper
>> arithmetic to use.
>>
>> Notice that such constant and variables are used in contexts that
>> expect expressions of type uint64_t (64 bits, unsigned). The current
>> casts to uint64_t effectively apply to each expression as a whole,
>> but they do not prevent them from being evaluated using 32-bit
>> arithmetic instead of 64-bit arithmetic.
>>
>> Also, once the expressions are properly evaluated using 64-bit
>> arithmentic, there is no need for the parentheses that enclose
>> them.
>>
>> Addresses-Coverity-ID: 1460245 ("Unintentional integer overflow")
>> Addresses-Coverity-ID: 1460286 ("Unintentional integer overflow")
>> Addresses-Coverity-ID: 1460401 ("Unintentional integer overflow")
>> Fixes: 4562236b3bc0 ("drm/amd/dc: Add dc display driver (v2)")
>> Signed-off-by: Gustavo A. R. Silva <[email protected]>
>>
>> [...]
>>
>> @@ -145,8 +145,8 @@ static bool calculate_fb_and_fractional_fb_divider(
>> * of fractional feedback decimal point and the fractional FB Divider precision
>> * is 2 then the equation becomes (ullfeedbackDivider + 5*100) / (10*100))*/
>>
>> - feedback_divider += (uint64_t)
>> - (5 * calc_pll_cs->fract_fb_divider_precision_factor);
>> + feedback_divider += 5UL *
>> + calc_pll_cs->fract_fb_divider_precision_factor;
>
> This should be 5ULL, as the commit log says, otherwise it's still only
> 32 bits on 32-bit platforms.
>

Agreed.

Otherwise this looks good.

With that fixed this patch is
Reviewed-by: Harry Wentland <[email protected]>

Harry

>

2018-07-04 17:55:41

by Gustavo A. R. Silva

[permalink] [raw]
Subject: Re: [PATCH] drm/amd/display/dc/dce: Fix multiple potential integer overflows



On 07/04/2018 12:51 PM, Harry Wentland wrote:
[..]
>>>
>>> @@ -145,8 +145,8 @@ static bool calculate_fb_and_fractional_fb_divider(
>>> * of fractional feedback decimal point and the fractional FB Divider precision
>>> * is 2 then the equation becomes (ullfeedbackDivider + 5*100) / (10*100))*/
>>>
>>> - feedback_divider += (uint64_t)
>>> - (5 * calc_pll_cs->fract_fb_divider_precision_factor);
>>> + feedback_divider += 5UL *
>>> + calc_pll_cs->fract_fb_divider_precision_factor;
>>
>> This should be 5ULL, as the commit log says, otherwise it's still only
>> 32 bits on 32-bit platforms.
>>
>
> Agreed.
>
> Otherwise this looks good.
>
> With that fixed this patch is
> Reviewed-by: Harry Wentland <[email protected]>
>

Hi Harry,

I already sent v2: https://patchwork.kernel.org/patch/10506897/

Thanks
--
Gustavo

2018-07-04 18:06:25

by Harry Wentland

[permalink] [raw]
Subject: Re: [PATCH] drm/amd/display/dc/dce: Fix multiple potential integer overflows

On 2018-07-04 01:54 PM, Gustavo A. R. Silva wrote:
>
>
> On 07/04/2018 12:51 PM, Harry Wentland wrote:
> [..]
>>>>
>>>> @@ -145,8 +145,8 @@ static bool calculate_fb_and_fractional_fb_divider(
>>>> * of fractional feedback decimal point and the fractional FB Divider precision
>>>> * is 2 then the equation becomes (ullfeedbackDivider + 5*100) / (10*100))*/
>>>>
>>>> - feedback_divider += (uint64_t)
>>>> - (5 * calc_pll_cs->fract_fb_divider_precision_factor);
>>>> + feedback_divider += 5UL *
>>>> + calc_pll_cs->fract_fb_divider_precision_factor;
>>>
>>> This should be 5ULL, as the commit log says, otherwise it's still only
>>> 32 bits on 32-bit platforms.
>>>
>>
>> Agreed.
>>
>> Otherwise this looks good.
>>
>> With that fixed this patch is
>> Reviewed-by: Harry Wentland <[email protected]>
>>
>
> Hi Harry,
>
> I already sent v2: https://patchwork.kernel.org/patch/10506897/
>

Thanks. Merged.

Harry

> Thanks
> --
> Gustavo
>