From 6259a56ba0e1c3a15954e22ea531e810944518cb Mon Sep 17 00:00:00 2001
From: Chris Wilson
Date: Thu, 22 Dec 2016 08:36:28 +0000
Subject: [PATCH] drm: Add asserts to catch overflow in drm_mm_init() and drm_mm_init_scan()

A simple assert to ensure that we don't overflow start + size when initialising the drm_mm, or its scanner. In future, we may want to switch to tracking the value of ranges (rather than size) so that we can cover the full u64, for example like resource tracking.

Signed-off-by: Chris Wilson
Reviewed-by: Joonas Lahtinen
Signed-off-by: Daniel Vetter
Link: http://patchwork.freedesktop.org/patch/msgid/20161222083641.2691-26-chris@chris-wilson.co.uk
---
 drivers/gpu/drm/drm_mm.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/gpu/drm/drm_mm.c b/drivers/gpu/drm/drm_mm.c
index e0419cf09bbb..b80305484124 100644
--- a/drivers/gpu/drm/drm_mm.c
+++ b/drivers/gpu/drm/drm_mm.c
@@ -729,6 +729,8 @@ void drm_mm_init_scan(struct drm_mm *mm,
 u64 alignment,
 unsigned long color)
 {
+ DRM_MM_BUG_ON(!size);
+
 mm->scan_color = color;
 mm->scan_alignment = alignment;
 mm->scan_size = size;
@@ -764,6 +766,9 @@ void drm_mm_init_scan_with_range(struct drm_mm *mm,
 u64 start,
 u64 end)
 {
+ DRM_MM_BUG_ON(start >= end);
+ DRM_MM_BUG_ON(!size || size > end - start);
+
 mm->scan_color = color;
 mm->scan_alignment = alignment;
 mm->scan_size = size;
@@ -882,6 +887,8 @@ EXPORT_SYMBOL(drm_mm_scan_remove_block);
 */
 void drm_mm_init(struct drm_mm *mm, u64 start, u64 size)
 {
+ DRM_MM_BUG_ON(start + size <= start);
+
 INIT_LIST_HEAD(&mm->hole_stack);
 mm->scanned_blocks = 0;
 
-- 
2.20.1
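Review bot: The preconditions asserted in drm_mm_init_scan() (`DRM_MM_BUG_ON(!size)`), and likewise in the drm_mm_init_scan_with_range() and drm_mm_init() hunks, are only as strong as DRM_MM_BUG_ON, whose definition is not part of this patch. If that macro compiles to nothing outside debug builds, as its name suggests, a zero size, an inverted range or a wrapping start + size is still accepted silently on production kernels. Drivers that derive these values from userspace-supplied requests should not treat the asserts as input validation and need their own bounds checks before calling in. I would record the contract in each function's kernel-doc, for example `* @size: size of the allocation, must be non-zero (asserted only when drm_mm debugging is enabled)`. All three function bodies continue outside their hunks.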
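Review bot: `DRM_MM_BUG_ON(start + size <= start)` in drm_mm_init() folds two separate preconditions into one expression: size must be non-zero, and start + size must not wrap u64. Neither is spelled out next to the assert. The check also rejects a range that ends exactly at 2^64, because the sum wraps to 0; the commit message hints at this limit but the code does not state it. A one-line comment above the assert would cover both: `/* size must be non-zero and start + size must not wrap; a range ending at 2^64 is not representable */`. The kernel-doc block that closes at ` */` in this hunk starts outside it, so the existing @start/@size descriptions cannot be checked from here.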