From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: xen-devel@lists.xenproject.org, Jan Beulich <jbeulich@suse.com>
Subject: Re: [PATCH 5/7] x86/ioremap: prevent additions against the NULL pointer
Date: Fri, 14 Mar 2025 09:43:33 +0100
Message-ID: <Z9PsNVbC4leLFMqO@macbook.local>
In-Reply-To: <ad26bb49-4025-4190-ba69-c03584cf2229@citrix.com>
On Thu, Mar 13, 2025 at 05:21:13PM +0000, Andrew Cooper wrote:
> On 13/03/2025 3:30 pm, Roger Pau Monne wrote:
> > This was reported by clang UBSAN as:
> >
> > UBSAN: Undefined behaviour in arch/x86/mm.c:6297:40
> > applying zero offset to null pointer
> > [...]
> > Xen call trace:
> > [<ffff82d040303662>] R common/ubsan/ubsan.c#ubsan_epilogue+0xa/0xc0
> > [<ffff82d040304aa3>] F __ubsan_handle_pointer_overflow+0xcb/0x100
> > [<ffff82d0406ebbc0>] F ioremap_wc+0xc8/0xe0
> > [<ffff82d0406c3728>] F video_init+0xd0/0x180
> > [<ffff82d0406ab6f5>] F console_init_preirq+0x3d/0x220
> > [<ffff82d0406f1876>] F __start_xen+0x68e/0x5530
> > [<ffff82d04020482e>] F __high_start+0x8e/0x90
> >
> > Fix bt_ioremap() and ioremap{,_wc}() to not add the offset if the returned
> > pointer from __vmap() is NULL.
> >
> > Fixes: d0d4635d034f ('implement vmap()')
> > Fixes: f390941a92f1 ('x86/DMI: fix table mapping when one lives above 1Mb')
> > Fixes: 81d195c6c0e2 ('x86: introduce ioremap_wc()')
> > Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
>
> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>, with one style fix.
>
> It's unfortunate, because C23 makes this one case (add 0 to NULL
> pointer) explicitly well defined to avoid corner cases like this. Oh well.
Interesting, so they added a new type (nullptr_t) that has a single
possible value (nullptr), and hence arithmetic operations against it
always result in nullptr. That's helpful to prevent this kind of
bug.
> > diff --git a/xen/arch/x86/dmi_scan.c b/xen/arch/x86/dmi_scan.c
> > index 2fcc485295eb..a05492037519 100644
> > --- a/xen/arch/x86/dmi_scan.c
> > +++ b/xen/arch/x86/dmi_scan.c
> > @@ -119,8 +120,10 @@ static const void *__init bt_ioremap(paddr_t addr, unsigned int len)
> > if ( system_state < SYS_STATE_boot )
> > return __acpi_map_table(addr, len);
> >
> > - return __vmap(&mfn, PFN_UP(offs + len), 1, 1, PAGE_HYPERVISOR_RO,
> > - VMAP_DEFAULT) + offs;
> > + va = __vmap(&mfn, PFN_UP(offs + len), 1, 1, PAGE_HYPERVISOR_RO,
> > + VMAP_DEFAULT);
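Review bot: the removed `return __vmap(...) + offs;` in bt_ioremap() did more than trip UBSAN on a zero offset. Whenever __vmap() fails and offs is non-zero, that expression hands the caller a small non-NULL pointer, so a caller's NULL check cannot see the mapping failure. The commit message describes only the "applying zero offset to null pointer" report, so it would be worth stating there that the failure path now returns NULL. The quoted hunk ends at the `va = __vmap(...)` assignment; the return that follows needs to test va before adding offs, and the declaration of va should match the function's `const void *` return type.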
>
> You've got mixed tabs/spaces here.
Thanks, vim autodetection is a bit confused with this file because it
uses both hard and soft tabs, fixed now.
Roger.