[PATCH 1/5] vm/device_pager.c: dev_pager_alloc: 'size' must be non-zero

Konstantin Belousov kostikbel at gmail.com
Wed Mar 12 10:30:18 UTC 2014


Thank you for the submission, I committed four patches, except this one.

On Tue, Mar 11, 2014 at 05:19:39PM -0700, Conrad Meyer wrote:
> If size is zero, paddr is used uninitialized when assigning
> object1->pg_color.
So the issue there is only with non-managed device pager, right ?
Please note that GEM explicitly initializes color in the constructor.

I do not like the change below, it puts the policy into pager, while
currently the decision is up to managed pager consumers, e.g. GEM,
which do the similar check on its own.

I prefer a different way to shut down the warning, please see the
patch at the end of the message.  Does it work for you ?

> 
> Found with Clang static analysis.
> 
> Signed-off-by: Conrad Meyer <conrad.meyer at isilon.com>
> ---
>  sys/vm/device_pager.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/sys/vm/device_pager.c b/sys/vm/device_pager.c
> index 13491ba..5125d20 100644
> --- a/sys/vm/device_pager.c
> +++ b/sys/vm/device_pager.c
> @@ -135,6 +135,12 @@ cdev_pager_allocate(void *handle, enum obj_type tp, struct cdev_pager_ops *ops,
>  	if (foff & PAGE_MASK)
>  		return (NULL);
>  
> +	/*
> +	 * Size must be non-zero.
> +	 */
> +	if (size == 0)
> +		return (NULL);
> +
>  	size = round_page(size);
>  	pindex = OFF_TO_IDX(foff + size);
>  
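Review bot: The new `if (size == 0) return (NULL);` sits in cdev_pager_allocate(), which takes `enum obj_type tp` and an ops table, so it rejects a zero size for every pager type and every caller, while the commit message describes only one problem: paddr being read uninitialized when object1->pg_color is assigned. Consider placing the guard (or an initialization) on the path that actually reads paddr. If the wider rejection is intended, the comment "Size must be non-zero" should say why, since the NULL return is indistinguishable to callers from the misaligned-foff failure just above it.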

diff --git a/sys/vm/device_pager.c b/sys/vm/device_pager.c
index 13491ba..4cd245a 100644
--- a/sys/vm/device_pager.c
+++ b/sys/vm/device_pager.c
@@ -414,6 +414,7 @@ old_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot,
 	 * XXX assumes VM_PROT_* == PROT_*
 	 */
 	npages = OFF_TO_IDX(size);
+	paddr = 0; /* Make paddr initialized for the case of size == 0. */
 	for (off = foff; npages--; off += PAGE_SIZE) {
 		if (csw->d_mmap(dev, off, &paddr, (int)prot, &dummy) != 0) {
 			dev_relthread(dev, ref);
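Review bot: The added `paddr = 0;` before the `for (off = foff; npages--; off += PAGE_SIZE)` loop matters only when npages is 0 and d_mmap() is never called, so whatever reads paddr after the loop (the commit message names object1->pg_color) then works from a physical address of 0 that no driver returned. The comment should say that 0 is a deliberate placeholder for the empty mapping rather than only that it makes paddr initialized, so a later reader does not take it for a real address. It is also worth confirming that a zero-page object is a state the old-style constructor is meant to return at all.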