Re: [PATCH] ati_pcigart: fix format type warning

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

I'm also getting

  CC      drivers/gpu/drm/radeon/radeon_state.o
In file included from /home/boris/kernel/linux-2.6/arch/x86/include/asm/uaccess.h:571,
                 from include/drm/drmP.h:63,
                 from drivers/gpu/drm/radeon/radeon_state.c:30:
In function ‘copy_from_user’,
    inlined from ‘radeon_cp_clear’ at drivers/gpu/drm/radeon/radeon_state.c:2145:
/home/boris/kernel/linux-2.6/arch/x86/include/asm/uaccess_32.h:212: warning: call to ‘copy_from_user_overflow’ declared with attribute warning: copy_from_user() buffer size is not provably correct
  LD      drivers/gpu/drm/radeon/radeon.o

which is caused by the compile-time check in copy_from_user introduced in
4a312769:

        if (DRM_COPY_FROM_USER(&depth_boxes, clear->depth_boxes,
                               sarea_priv->nbox * sizeof(depth_boxes[0])))

due to the sarea_priv->nbox being unknown at compile time, even though
the code clamps its value earlier in case it might cause an overflow:

        if (sarea_priv->nbox > RADEON_NR_SAREA_CLIPRECTS)
                sarea_priv->nbox = RADEON_NR_SAREA_CLIPRECTS;


Circumventing the check shuts up the warning but I'm not sure whether
this is what we want to do in cases like this one:

--

diff --git a/drivers/gpu/drm/radeon/radeon_state.c b/drivers/gpu/drm/radeon/radeon_state.c
index 067167c..9b42598 100644
--- a/drivers/gpu/drm/radeon/radeon_state.c
+++ b/drivers/gpu/drm/radeon/radeon_state.c
@@ -2139,7 +2139,7 @@ static int radeon_cp_clear(struct drm_device *dev, void *data, struct drm_file *
 	if (sarea_priv->nbox > RADEON_NR_SAREA_CLIPRECTS)
 		sarea_priv->nbox = RADEON_NR_SAREA_CLIPRECTS;
 
-	if (DRM_COPY_FROM_USER(&depth_boxes, clear->depth_boxes,
+	if (_copy_from_user(&depth_boxes, clear->depth_boxes,
 			       sarea_priv->nbox * sizeof(depth_boxes[0])))
 		return -EFAULT;
 

-- 
Regards/Gruss,
    Boris.


