From mboxrd@z Thu Jan 1 00:00:00 1970 From: Eric Engestrom Subject: Re: [PATCH] drm/mm: avoid possible null pointer dereference Date: Mon, 23 May 2016 16:35:53 +0100 Message-ID: <20160523153553.GF13596@imgtec.com> References: <1463602639-4861-1-git-send-email-xypron.glpk@gmx.de> <20160523102714.GA13596@imgtec.com> <20160523125645.GY27098@phenom.ffwll.local> <20160523130226.GB19361@nuc-i3427.alporthouse.com> <20160523133829.GE13596@imgtec.com> <20160523134659.GD19361@nuc-i3427.alporthouse.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Received: from mailapp01.imgtec.com (mailapp01.imgtec.com [195.59.15.196]) by gabe.freedesktop.org (Postfix) with ESMTP id 380166E1D0 for ; Mon, 23 May 2016 15:35:55 +0000 (UTC) Content-Disposition: inline In-Reply-To: <20160523134659.GD19361@nuc-i3427.alporthouse.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" To: Chris Wilson , Heinrich Schuchardt , linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org List-Id: dri-devel@lists.freedesktop.org T24gTW9uLCBNYXkgMjMsIDIwMTYgYXQgMDI6NDY6NTlQTSArMDEwMCwgQ2hyaXMgV2lsc29uIHdy b3RlOgo+IE9uIE1vbiwgTWF5IDIzLCAyMDE2IGF0IDAyOjM4OjI5UE0gKzAxMDAsIEVyaWMgRW5n ZXN0cm9tIHdyb3RlOgo+ID4gT24gTW9uLCBNYXkgMjMsIDIwMTYgYXQgMDI6MDI6MjZQTSArMDEw MCwgQ2hyaXMgV2lsc29uIHdyb3RlOgo+ID4gPiBPbiBNb24sIE1heSAyMywgMjAxNiBhdCAwMjo1 Njo0NVBNICswMjAwLCBEYW5pZWwgVmV0dGVyIHdyb3RlOgo+ID4gPiA+IE9uIE1vbiwgTWF5IDIz LCAyMDE2IGF0IDExOjI3OjE0QU0gKzAxMDAsIEVyaWMgRW5nZXN0cm9tIHdyb3RlOgo+ID4gPiA+ ID4gT24gV2VkLCBNYXkgMTgsIDIwMTYgYXQgMTA6MTc6MTlQTSArMDIwMCwgSGVpbnJpY2ggU2No dWNoYXJkdCB3cm90ZToKPiA+ID4gPiA+ID4gRG8gbm90IGRlcmVmZXJlbmNlIG5vZGUgYmVmb3Jl IHRoZSBjaGVjayBpZiBub2RlIGlzIE5VTEwuCj4gPiA+ID4gPiA+IAo+ID4gPiA+ID4gPiBTaWdu ZWQtb2ZmLWJ5OiBIZWlucmljaCBTY2h1Y2hhcmR0IDx4eXByb24uZ2xwa0BnbXguZGU+Cj4gPiA+ ID4gPiA+IC0tLQo+ID4gPiA+ID4gPiAgZHJpdmVycy9ncHUvZHJtL2RybV9tbS5jIHwgNCArKyst Cj4gPiA+ID4gPiA+ICAxIGZpbGUgY2hhbmdlZCwgMyBpbnNlcnRpb25zKCspLCAxIGRlbGV0aW9u KC0pCj4gPiA+ID4gPiA+IAo+ID4gPiA+ID4gPiBkaWZmIC0tZ2l0IGEvZHJpdmVycy9ncHUvZHJt L2RybV9tbS5jIGIvZHJpdmVycy9ncHUvZHJtL2RybV9tbS5jCj4gPiA+ID4gPiA+IGluZGV4IDA0 ZGU2ZmQuLmNiMzlmNDUgMTAwNjQ0Cj4gPiA+ID4gPiA+IC0tLSBhL2RyaXZlcnMvZ3B1L2RybS9k cm1fbW0uYwo+ID4gPiA+ID4gPiArKysgYi9kcml2ZXJzL2dwdS9kcm0vZHJtX21tLmMKPiA+ID4g PiA+ID4gQEAgLTE3OSwxMiArMTc5LDE0IEBAIHN0YXRpYyB2b2lkIGRybV9tbV9pbnNlcnRfaGVs cGVyKHN0cnVjdCBkcm1fbW1fbm9kZSAqaG9sZV9ub2RlLAo+ID4gPiA+ID4gPiAgaW50IGRybV9t bV9yZXNlcnZlX25vZGUoc3RydWN0IGRybV9tbSAqbW0sIHN0cnVjdCBkcm1fbW1fbm9kZSAqbm9k ZSkKPiA+ID4gPiA+ID4gIHsKPiA+ID4gPiA+ID4gIAlzdHJ1Y3QgZHJtX21tX25vZGUgKmhvbGU7 Cj4gPiA+ID4gPiA+IC0JdTY0IGVuZCA9IG5vZGUtPnN0YXJ0ICsgbm9kZS0+c2l6ZTsKPiA+ID4g PiA+ID4gKwl1NjQgZW5kOwo+ID4gPiA+ID4gPiAgCXU2NCBob2xlX3N0YXJ0Owo+ID4gPiA+ID4g PiAgCXU2NCBob2xlX2VuZDsKPiA+ID4gPiA+ID4gIAo+ID4gPiA+ID4gPiAgCUJVR19PTihub2Rl ID09IE5VTEwpOwo+ID4gPiA+ID4gPiAgCj4gPiA+ID4gPiA+ICsJZW5kID0gbm9kZS0+c3RhcnQg KyBub2RlLT5zaXplOwo+ID4gPiA+ID4gPiArCj4gPiA+ID4gPiA+ICAJLyogRmluZCB0aGUgcmVs ZXZhbnQgaG9sZSB0byBhZGQgb3VyIG5vZGUgdG8gKi8KPiA+ID4gPiA+ID4gIAlkcm1fbW1fZm9y X2VhY2hfaG9sZShob2xlLCBtbSwgaG9sZV9zdGFydCwgaG9sZV9lbmQpIHsKPiA+ID4gPiA+ID4g IAkJaWYgKGhvbGVfc3RhcnQgPiBub2RlLT5zdGFydCB8fCBob2xlX2VuZCA8IGVuZCkKPiA+ID4g PiA+ID4gLS0gCj4gPiA+ID4gPiA+IDIuMS40Cj4gPiA+ID4gPiAKPiA+ID4gPiA+IFJldmlld2Vk LWJ5OiBFcmljIEVuZ2VzdHJvbSA8ZXJpYy5lbmdlc3Ryb21AaW1ndGVjLmNvbT4KPiA+ID4gCj4g PiA+IFJlbW92ZSB1c2VsZXNzIGNoZWNrIGluc3RlYWQ/Cj4gPiA+IC1DaHJpcwo+ID4gCj4gPiBJ IHRlbmQgdG8gcHJlZmVyIGVycmluZyBvbiB0aGUgc2lkZSBvZiBjYXV0aW9uIGFuZCBoYXZlICh0 b28pIG1hbnkgY2hlY2tzLAo+ID4gZXNwZWNpYWxseSBzaW1wbGUgb25lcyBsaWtlIGF2b2lkaW5n IG51bGwgZGVyZWZlcmVuY2VzLgo+IAo+IEJVRyhub2RlID09IE5VTEwpIGlzIG5vIG1vcmUgaW5m b3JtYXRpdmUgdGhhbiBoaXR0aW5nIGEgR0ZQIHdpdGggKm5vZGUuCgpHb29kIHBvaW50LgoKPiAK PiA+IFRoYXQgc2FpZCwgQlVHKCkgbWlnaHQgYmUgdG9vIGV4dHJlbWUuIEknbSBub3QgYWxsIHRo YXQgZmFtaWxpYXIgd2l0aAo+ID4gdGhlIGNvZGUsIGJ1dCBpdCBkb2Vzbid0IHNlZW0gbGlrZSBp dCB3b3VsZCBiZSBhbiB1bnJlY292ZXJhYmxlIGZhaWx1cmUuCj4gPiBXQVJOKCkgaW5zdGVhZD8K PiAKPiBJdCdzIGEgcHJvZ3JhbW1pbmcgZXJyb3IsIGp1c3QgYXMgd291bGQgYmUgcGFzc2luZyBp biBtbSA9PSBOVUxMLiBNYXJrIHVwCj4gdGhlIGZ1bmN0aW9uIGFzIHJlcXVpcmluZyBub24tTlVM TCBwYXJhbWV0ZXJzLgo+IC1DaHJpcwoKVXNpbmcgYF9fYXR0cmlidXRlX18oKG5vbm51bGwpKWA/ IEkgYXBwcm92ZSBvZiB0aGF0IGlkZWEsIGFzIEkgZmluZAp0aG9zZSBhdHRyaWJ1dGVzIGV4dHJl bWVseSB1c2VmdWwgYW5kIHRyeSB0byBnZXQgdGhlbSB1c2VkIGFzIG11Y2ggYXMKcG9zc2libGUg YXQgJERBWUpPQi4KCkkgaGF2ZSBub3RpY2VkIGhvd2V2ZXIgdGhhdCB0aGlzIHBhcnRpY3VsYXIg YXR0cmlidXRlIGlzbid0IHVzZWQgbXVjaCBpbgp0aGUga2VybmVsICg0IHRpbWVzIHRoYXQgSSBj b3VsZCBmaW5kIHdpdGggYSBzaW1wbGUgZ3JlcCksIHRvIHRoZSBwb2ludApvZiBub3QgZXZlbiBo YXZpbmcgYSBgX19ub25udWxsYC4gQW55IHJlYXNvbiB5b3Uga25vdyBvZj8KCkNoZWVycywKICBF cmljCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmRyaS1k ZXZlbCBtYWlsaW5nIGxpc3QKZHJpLWRldmVsQGxpc3RzLmZyZWVkZXNrdG9wLm9yZwpodHRwczov L2xpc3RzLmZyZWVkZXNrdG9wLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2RyaS1kZXZlbAo= From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754281AbcEWPf5 (ORCPT ); Mon, 23 May 2016 11:35:57 -0400 Received: from mailapp01.imgtec.com ([195.59.15.196]:52082 "EHLO mailapp01.imgtec.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753235AbcEWPf4 (ORCPT ); Mon, 23 May 2016 11:35:56 -0400 Date: Mon, 23 May 2016 16:35:53 +0100 From: Eric Engestrom To: Chris Wilson , Heinrich Schuchardt , , Subject: Re: [PATCH] drm/mm: avoid possible null pointer dereference Message-ID: <20160523153553.GF13596@imgtec.com> References: <1463602639-4861-1-git-send-email-xypron.glpk@gmx.de> <20160523102714.GA13596@imgtec.com> <20160523125645.GY27098@phenom.ffwll.local> <20160523130226.GB19361@nuc-i3427.alporthouse.com> <20160523133829.GE13596@imgtec.com> <20160523134659.GD19361@nuc-i3427.alporthouse.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Disposition: inline In-Reply-To: <20160523134659.GD19361@nuc-i3427.alporthouse.com> User-Agent: Mutt/1.6.1 (2016-04-27) X-Originating-IP: [10.60.4.28] Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 23, 2016 at 02:46:59PM +0100, Chris Wilson wrote: > On Mon, May 23, 2016 at 02:38:29PM +0100, Eric Engestrom wrote: > > On Mon, May 23, 2016 at 02:02:26PM +0100, Chris Wilson wrote: > > > On Mon, May 23, 2016 at 02:56:45PM +0200, Daniel Vetter wrote: > > > > On Mon, May 23, 2016 at 11:27:14AM +0100, Eric Engestrom wrote: > > > > > On Wed, May 18, 2016 at 10:17:19PM +0200, Heinrich Schuchardt wrote: > > > > > > Do not dereference node before the check if node is NULL. > > > > > > > > > > > > Signed-off-by: Heinrich Schuchardt > > > > > > --- > > > > > > drivers/gpu/drm/drm_mm.c | 4 +++- > > > > > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > > > > > > > > > diff --git a/drivers/gpu/drm/drm_mm.c b/drivers/gpu/drm/drm_mm.c > > > > > > index 04de6fd..cb39f45 100644 > > > > > > --- a/drivers/gpu/drm/drm_mm.c > > > > > > +++ b/drivers/gpu/drm/drm_mm.c > > > > > > @@ -179,12 +179,14 @@ static void drm_mm_insert_helper(struct drm_mm_node *hole_node, > > > > > > int drm_mm_reserve_node(struct drm_mm *mm, struct drm_mm_node *node) > > > > > > { > > > > > > struct drm_mm_node *hole; > > > > > > - u64 end = node->start + node->size; > > > > > > + u64 end; > > > > > > u64 hole_start; > > > > > > u64 hole_end; > > > > > > > > > > > > BUG_ON(node == NULL); > > > > > > > > > > > > + end = node->start + node->size; > > > > > > + > > > > > > /* Find the relevant hole to add our node to */ > > > > > > drm_mm_for_each_hole(hole, mm, hole_start, hole_end) { > > > > > > if (hole_start > node->start || hole_end < end) > > > > > > -- > > > > > > 2.1.4 > > > > > > > > > > Reviewed-by: Eric Engestrom > > > > > > Remove useless check instead? > > > -Chris > > > > I tend to prefer erring on the side of caution and have (too) many checks, > > especially simple ones like avoiding null dereferences. > > BUG(node == NULL) is no more informative than hitting a GFP with *node. Good point. > > > That said, BUG() might be too extreme. I'm not all that familiar with > > the code, but it doesn't seem like it would be an unrecoverable failure. > > WARN() instead? > > It's a programming error, just as would be passing in mm == NULL. Mark up > the function as requiring non-NULL parameters. > -Chris Using `__attribute__((nonnull))`? I approve of that idea, as I find those attributes extremely useful and try to get them used as much as possible at $DAYJOB. I have noticed however that this particular attribute isn't used much in the kernel (4 times that I could find with a simple grep), to the point of not even having a `__nonnull`. Any reason you know of? Cheers, Eric