[bug report] vmwgfx: Implement fence objects

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Thomas Hellstrom,

The patch ae2a104058e2: "vmwgfx: Implement fence objects" from Sep 1,
2011, leads to the following
Smatch static checker warning:

	drivers/dma-buf/dma-fence.c:790 dma_fence_default_wait()
	warn: user controlled unbound timeout

drivers/gpu/drm/vmwgfx/vmwgfx_fence.c
   784  int vmw_fence_obj_wait_ioctl(struct drm_device *dev, void *data,
   785                               struct drm_file *file_priv)
   786  {
   787          struct drm_vmw_fence_wait_arg *arg =
   788              (struct drm_vmw_fence_wait_arg *)data;
   789          unsigned long timeout;
   790          struct ttm_base_object *base;
   791          struct vmw_fence_obj *fence;
   792          struct ttm_object_file *tfile = vmw_fpriv(file_priv)->tfile;
   793          int ret;
   794          uint64_t wait_timeout = ((uint64_t)arg->timeout_us * HZ);

timeout comes from the ioctl.

   795  
   796          /*
   797           * 64-bit division not present on 32-bit systems, so do an
   798           * approximation. (Divide by 1000000).
   799           */
   800  
   801          wait_timeout = (wait_timeout >> 20) + (wait_timeout >> 24) -
   802            (wait_timeout >> 26);
   803  
   804          if (!arg->cookie_valid) {
   805                  arg->cookie_valid = 1;
   806                  arg->kernel_cookie = jiffies + wait_timeout;
   807          }
   808  
   809          base = vmw_fence_obj_lookup(tfile, arg->handle);
   810          if (IS_ERR(base))
   811                  return PTR_ERR(base);
   812  
   813          fence = &(container_of(base, struct vmw_user_fence, base)->fence);
   814  
   815          timeout = jiffies;
   816          if (time_after_eq(timeout, (unsigned long)arg->kernel_cookie)) {
   817                  ret = ((vmw_fence_obj_signaled(fence)) ?
   818                         0 : -EBUSY);
   819                  goto out;
   820          }
   821  
   822          timeout = (unsigned long)arg->kernel_cookie - timeout;
   823  
   824          ret = vmw_fence_obj_wait(fence, arg->lazy, true, timeout);

This is a new Smatch warning.  To try figure out places which can
trigger sysbot "task hung" warnings.  I don't know if an upper bound on
timeout is appropriate here because this is new experimental check...

   825  
   826  out:
   827          ttm_base_object_unref(&base);

regards,
dan carpenter



[Index of Archives]     [Linux DRI Users]     [Linux Intel Graphics]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux