Hi Dan, On 28/01/16 22:30, Dan Carpenter wrote: > Hello Tvrtko Ursulin, > > The patch de1add360522: "drm/i915: Decouple execbuf uAPI from > internal implementation" from Jan 15, 2016, leads to the following > static checker warning: > > drivers/gpu/drm/i915/i915_gem_execbuffer.c:1411 eb_select_ring() > warn: buffer overflow 'dev_priv->ring' 5 <= 16385 > > drivers/gpu/drm/i915/i915_gem_execbuffer.c > 1397 if (user_ring_id == I915_EXEC_BSD && HAS_BSD2(dev_priv)) { > 1398 unsigned int bsd_idx = args->flags & > I915_EXEC_BSD_MASK; > 1399 > 1400 if (bsd_idx == I915_EXEC_BSD_DEFAULT) { > 1401 bsd_idx = gen8_dispatch_bsd_ring(dev_priv, > file); > 1402 } else if (bsd_idx >= I915_EXEC_BSD_RING1 && > 1403 bsd_idx <= I915_EXEC_BSD_RING2) { > 1404 bsd_idx--; > ^^^^^^^^^ > This should probablye be "bsd_idx = (bsd_idx >> 13) - 1;" or something. > > 1405 } else { > 1406 DRM_DEBUG("execbuf with unknown bsd ring: > %u\n", > 1407 bsd_idx); > 1408 return -EINVAL; > 1409 } > 1410 > 1411 *ring = &dev_priv->ring[_VCS(bsd_idx)]; > > Otherwise we're way past the end of this array.
Yep, we have already found this and fixed it in "drm/i915: Fix VCS ring selection after uapi decoupling". Thanks for the report, it is very useful! Regards, Tvrtko