On Wed, 16 Oct 2024 15:16:22 +0200
Erik Faye-Lund <erik.faye-lund@xxxxxxxxxxxxx> wrote:
> On Thu, 2024-02-29 at 17:22 +0100, Boris Brezillon wrote:
> > +/**
> > + * enum drm_panthor_sync_op_flags - Synchronization operation flags.
> > + */
> > +enum drm_panthor_sync_op_flags {
> > + /** @DRM_PANTHOR_SYNC_OP_HANDLE_TYPE_MASK: Synchronization
> > handle type mask. */
> > + DRM_PANTHOR_SYNC_OP_HANDLE_TYPE_MASK = 0xff,
> > +
> > + /** @DRM_PANTHOR_SYNC_OP_HANDLE_TYPE_SYNCOBJ:
> > Synchronization object type. */
> > + DRM_PANTHOR_SYNC_OP_HANDLE_TYPE_SYNCOBJ = 0,
> > +
> > + /**
> > + * @DRM_PANTHOR_SYNC_OP_HANDLE_TYPE_TIMELINE_SYNCOBJ:
> > Timeline synchronization
> > + * object type.
> > + */
> > + DRM_PANTHOR_SYNC_OP_HANDLE_TYPE_TIMELINE_SYNCOBJ = 1,
> > +
> > + /** @DRM_PANTHOR_SYNC_OP_WAIT: Wait operation. */
> > + DRM_PANTHOR_SYNC_OP_WAIT = 0 << 31,
> > +
> > + /** @DRM_PANTHOR_SYNC_OP_SIGNAL: Signal operation. */
> > + DRM_PANTHOR_SYNC_OP_SIGNAL = (int)(1u << 31),
>
> Why do we cast to int here? 1u << 31 doesn't fit in a 32-bit signed
> integer, so isn't this undefined behavior in C?
>
> I'm asking, because Coverity complains about overflows when we assign
> the value to drm_panthor_sync_op::flags in Mesa, and looking at it...
> it seems to be right in complaining!
>
> For reference, here's the Coverity issue (requires login,
> unfortunately):
> https://scan5.scan.coverity.com/#/project-view/59795/10037?selectedIssue=1605083
>
The cast was originally suggested here [1]. If we don't want to rely
on gcc/llvm implementation of this UB, I guess the only option is to
redefine those enums as #defines.
[1]https://lore.kernel.org/dri-devel/89be8f8f-7c4e-4efd-0b7b-c30bcfbf1d23@xxxxxxx/
