Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp898666rwb; Wed, 7 Dec 2022 06:23:42 -0800 (PST) X-Google-Smtp-Source: AA0mqf4jar/BIOCzhAxVBzQtKChpQuBOHhRYVY40AXaLGk3GKmB7QxbkOQMeBXy7u+YJhBWrrapJ X-Received: by 2002:a17:907:7e94:b0:7ba:e547:4d83 with SMTP id qb20-20020a1709077e9400b007bae5474d83mr5564460ejc.163.1670423022122; Wed, 07 Dec 2022 06:23:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670423022; cv=none; d=google.com; s=arc-20160816; b=UFMoyNUikSVzjJ/Xbvh7Kw2TzyS4O9zhIZ2+2gTPBEEwUSa5ogubYsj5wJcG3yLYIZ V3wBhFlOD3l/I+TzzI+fl+qabDGO1ZW+I/qsXfpAKI0ghZ7rR41vhKdbKj31e7kb6toq FKWeCjYViqSrfPteuzOIm1JC9r5s9PBv8ccvj+ZtI9VSj32LaYXbviKT5c2XF7iIrDy4 vAQacg4fSZB5EJazyfTOay451WF0cG801ngkdgqy8uppqikmuydNMtaDA7bQd71vSqj2 XfeSokCv3Wl0eGGsYA/NVwj/61TgbCOSrVVEiJkEukKCbfOIGzJHjp7HOAOkH6ZpDDGB komQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id; bh=unnuYMtbjzH+1rb6jg/XfJbI+dFeEayjEr29t+uMT5o=; b=nayuDGZ572E7qrU6S72OuJ3XQC5qNKLVyu8+1LHPhB5uny8yrHuHMuV2FULahr3r13 AvCY8AxDKpr7/pNybzpAvjeBnVDpk0TtyfTFDUCM3jzt0Ac2VkY/UlW9jFP21b+Fu/Kd 5PoSOMABjHIs1y9pm4QxeQMDpFqfau0JE1CrSkjC4mS8g6D+hG3UwiRTYUHINdHDIfFs XiCq/5mlRuVPXZ0wEYSTc29Hfnnj3Mag84zeOv95pnNQVwl98tO6efbW96DHNuUCVEiD f40C7mYA1pi7/UOgiU/lUF56HYj1UWA0S1BR5nMlBB1tylkoSdcISzgEnm1AN693H5Mz 19LQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id eb11-20020a0564020d0b00b0046cc0dece7dsi5327922edb.163.2022.12.07.06.23.24; Wed, 07 Dec 2022 06:23:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229844AbiLGN71 (ORCPT + 75 others); Wed, 7 Dec 2022 08:59:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55434 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229735AbiLGN7L (ORCPT ); Wed, 7 Dec 2022 08:59:11 -0500 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 6079C5B594 for ; Wed, 7 Dec 2022 05:59:10 -0800 (PST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9C86523A; Wed, 7 Dec 2022 05:59:16 -0800 (PST) Received: from [10.57.74.110] (unknown [10.57.74.110]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BFB793F73D; Wed, 7 Dec 2022 05:59:08 -0800 (PST) Message-ID: <17efaae0-9b6c-86ea-5fec-568d024d229f@arm.com> Date: Wed, 7 Dec 2022 13:59:04 +0000 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Thunderbird/102.5.0 Subject: Re: [PATCH] drm: mali-dp: Add check for kzalloc Content-Language: en-GB To: Jiasheng Jiang , liviu.dudau@arm.com, brian.starkey@arm.com, airlied@gmail.com, daniel@ffwll.ch Cc: linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org References: <20221207092118.20603-1-jiasheng@iscas.ac.cn> From: Robin Murphy In-Reply-To: <20221207092118.20603-1-jiasheng@iscas.ac.cn> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2022-12-07 09:21, Jiasheng Jiang wrote: > As kzalloc may fail and return NULL pointer, it should be better to check > the return value in order to avoid the NULL pointer dereference in > __drm_atomic_helper_connector_reset. This commit message is nonsense; if __drm_atomic_helper_connector_reset() would dereference the NULL implied by &mw_state->base, it would equally still dereference the explicit NULL pointer passed after this patch. The current code works out OK because "base" is the first member of struct malidp_mw_connector_state, thus if mw_state is NULL then &mw_state->base == NULL + 0 == NULL. Now you *could* argue that this isn't robust if the layout of struct malidp_mw_connector_state ever changes, and that could be a valid justification for making this change, but the reason given certainly isn't. Arithmetic on a (potentially) NULL pointer may well be a sign that it's worth a closer look to check whether it really is what the code intended to do, but don't automatically assume it has to be a bug. Otherwise, good luck with "fixing" every user of container_of() throughout the entire kernel. Thanks, Robin. > Fixes: 8cbc5caf36ef ("drm: mali-dp: Add writeback connector") > Signed-off-by: Jiasheng Jiang > --- > drivers/gpu/drm/arm/malidp_mw.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/arm/malidp_mw.c b/drivers/gpu/drm/arm/malidp_mw.c > index ef76d0e6ee2f..fe4474c2ddcf 100644 > --- a/drivers/gpu/drm/arm/malidp_mw.c > +++ b/drivers/gpu/drm/arm/malidp_mw.c > @@ -72,7 +72,11 @@ static void malidp_mw_connector_reset(struct drm_connector *connector) > __drm_atomic_helper_connector_destroy_state(connector->state); > > kfree(connector->state); > - __drm_atomic_helper_connector_reset(connector, &mw_state->base); > + > + if (mw_state) > + __drm_atomic_helper_connector_reset(connector, &mw_state->base); > + else > + __drm_atomic_helper_connector_reset(connector, NULL); > } > > static enum drm_connector_status