[bug report] vmwgfx: Implement fence objects
Dan Carpenter
dan.carpenter at oracle.com
Fri Sep 10 07:30:14 UTC 2021
Hello Thomas Hellstrom,
The patch ae2a104058e2: "vmwgfx: Implement fence objects" from Sep 1,
2011, leads to the following
Smatch static checker warning:
drivers/dma-buf/dma-fence.c:790 dma_fence_default_wait()
warn: user controlled unbound timeout
drivers/gpu/drm/vmwgfx/vmwgfx_fence.c
784 int vmw_fence_obj_wait_ioctl(struct drm_device *dev, void *data,
785 struct drm_file *file_priv)
786 {
787 struct drm_vmw_fence_wait_arg *arg =
788 (struct drm_vmw_fence_wait_arg *)data;
789 unsigned long timeout;
790 struct ttm_base_object *base;
791 struct vmw_fence_obj *fence;
792 struct ttm_object_file *tfile = vmw_fpriv(file_priv)->tfile;
793 int ret;
794 uint64_t wait_timeout = ((uint64_t)arg->timeout_us * HZ);
timeout comes from the ioctl.
795
796 /*
797 * 64-bit division not present on 32-bit systems, so do an
798 * approximation. (Divide by 1000000).
799 */
800
801 wait_timeout = (wait_timeout >> 20) + (wait_timeout >> 24) -
802 (wait_timeout >> 26);
803
804 if (!arg->cookie_valid) {
805 arg->cookie_valid = 1;
806 arg->kernel_cookie = jiffies + wait_timeout;
807 }
808
809 base = vmw_fence_obj_lookup(tfile, arg->handle);
810 if (IS_ERR(base))
811 return PTR_ERR(base);
812
813 fence = &(container_of(base, struct vmw_user_fence, base)->fence);
814
815 timeout = jiffies;
816 if (time_after_eq(timeout, (unsigned long)arg->kernel_cookie)) {
817 ret = ((vmw_fence_obj_signaled(fence)) ?
818 0 : -EBUSY);
819 goto out;
820 }
821
822 timeout = (unsigned long)arg->kernel_cookie - timeout;
823
824 ret = vmw_fence_obj_wait(fence, arg->lazy, true, timeout);
This is a new Smatch warning. To try figure out places which can
trigger sysbot "task hung" warnings. I don't know if an upper bound on
timeout is appropriate here because this is new experimental check...
825
826 out:
827 ttm_base_object_unref(&base);
regards,
dan carpenter
More information about the dri-devel
mailing list