From dc604f340a78e093946c3d89a884440c0cb6abba Mon Sep 17 00:00:00 2001 From: Dylan Baker Date: Thu, 20 Jun 2024 13:34:10 -0700 Subject: [PATCH] anv/grl: add some validation that we're not going to overflow Coverity has spotted a place where we could in theory overflow. In reality it wont happen as the potential overflow is a bitfield with a maximum of two values. Add an `assume()` statement to help out the compiler and document our assumption. fixes: dc1aedef2bd054884685ad971a3ef5be07ecd101 Reviewed-by: Kenneth Graunke Part-of: --- src/intel/vulkan/grl/grl_metakernel_gen.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/intel/vulkan/grl/grl_metakernel_gen.py b/src/intel/vulkan/grl/grl_metakernel_gen.py index 9e09df8a96d..7861b085c62 100644 --- a/src/intel/vulkan/grl/grl_metakernel_gen.py +++ b/src/intel/vulkan/grl/grl_metakernel_gen.py @@ -239,8 +239,13 @@ class Expression(SSAStatement): def write_c(self, w): if self.zone == 'cpu': - w.write('uint64_t {} = ', self.c_name) c_cpu_vals = [s.c_cpu_val() for s in self.srcs] + # There is one bitfield that is a uint64_t, but only holds 2 bits. + # In practice we won't overflow, but let's help the compiler (and + # coverity) out here. + if self.op == '<<': + w.write(f'assume({c_cpu_vals[0]} < (1 << 8));') + w.write('uint64_t {} = ', self.c_name) if len(self.srcs) == 1: w.write('({} {})', self.op, c_cpu_vals[0]) elif len(self.srcs) == 2: