Bug #3021: sys/dev/drm/i915/i915_gem_stolen.c:115]: (error) Signed integer overflow for expression '65535<<20' - DragonFlyBSD - DragonFlyBSD bugtracker

Actions

Copy link

Bug #3021

open

sys/dev/drm/i915/i915_gem_stolen.c:115]: (error) Signed integer overflow for expression '65535<<20'

Added by dcb over 7 years ago. Updated over 7 years ago.

Status:

In Progress

Priority:

Normal

Assignee:

Category:

Target version:

6.4

Start date:

04/11/2017

Due date:

% Done:

Estimated time:

Description

Source code is

base = bsm & BSM_MASK;

but

$ fgrep BSM_MASK `find dragonfly/sys/dev -name \*.h -print`
dragonfly/sys/dev/drm/i915/i915_reg.h:#define BSM_MASK (0xFFFF << 20)
$

Macro BSM_MASK seems to be 36 bits wide, which won't fit into a 32 bit int.

Actions

Copy link

Updated by ftigeot over 7 years ago

Status changed from New to In Progress

Thanks for the report.

This code is actually from Linux 4.7.10 and the bug has apparently been fixed in Linux commit aac440ff22a27155ae08f4d0fd6ac2971bfc5f3d present in Linux 4.9.

I don't think it is currently necessary to create a DragonFly-specific fix; I intend to import newer drm/i915 code from upstream, which
will fix this issue as a side effect.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

DragonFlyBSD

Bug #3021

sys/dev/drm/i915/i915_gem_stolen.c:115]: (error) Signed integer overflow for expression '65535<<20'

Updated by ftigeot over 7 years ago