From 766531b9dda8989c3eab64d2f46c6c6f96330657 Mon Sep 17 00:00:00 2001 From: riastradh Date: Sat, 24 Dec 2016 15:46:50 +0000 Subject: [PATCH] Guarantee no zero-size uao/kmem allocations via ttm. It may be that all callers guarantee no zero-size ttm objects, but I can't prove that in five minutes of browsing callers. Rather than add a KASSERT, lacking proof, we'll add a warning message so that if it does happen then it happens noisily, but we'll also prevent the bad consequences of passing zero into uao_create by rounding up to a harmless nonzero allocation. XXX pullup-7
---
 sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c b/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c
index 7256da989aa9..c331cc5032df 100644
--- a/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c
+++ b/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c
@@ -203,6 +203,9 @@ int ttm_tt_init(struct ttm_tt *ttm, struct ttm_bo_device *bdev,
 ttm->dummy_read_page = dummy_read_page;
 ttm->state = tt_unpopulated;
 #ifdef __NetBSD__
+ WARN(size == 0, "zero-size allocation in %s, please file a NetBSD PR",
+ __func__); /* paranoia -- can't prove in five minutes */
+ size = MAX(size, 1);
 ttm->swap_storage = uao_create(roundup2(size, PAGE_SIZE), 0);
 uao_set_pgfl(ttm->swap_storage, bus_dmamem_pgfl(bdev->dmat));
 #else
@@ -245,6 +248,9 @@ int ttm_dma_tt_init(struct ttm_dma_tt *ttm_dma, struct ttm_bo_device *bdev,
 ttm->dummy_read_page = dummy_read_page;
 ttm->state = tt_unpopulated;
 #ifdef __NetBSD__
+ WARN(size == 0, "zero-size allocation in %s, please file a NetBSD PR",
+ __func__); /* paranoia -- can't prove in five minutes */
+ size = MAX(size, 1);
 ttm->swap_storage = uao_create(roundup2(size, PAGE_SIZE), 0);
 uao_set_pgfl(ttm->swap_storage, bus_dmamem_pgfl(bdev->dmat));
 #else
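Review bot: The clamp `size = MAX(size, 1);` in ttm_tt_init overwrites the parameter, so any code after the `#endif` that reads `size`, and anything derived from the original value before this point, may now disagree with the one-page object created here; the rest of the function is outside the hunk, so this is worth checking. Keeping the clamp local to the call avoids that: `ttm->swap_storage = uao_create(roundup2(MAX(size, 1), PAGE_SIZE), 0);`. Since the commit message says it is unproven whether callers can pass zero, the WARN could fire on every call if a zero size turns out to be reachable from a user-driven path, so a once-only warning (`WARN_ONCE`, if the compat headers provide it) would keep the report without letting it flood the log. The comment would be more useful if it stated the reason, e.g. `/* uao_create must not be given a zero size; clamp until callers are audited */`. The same three lines are added to ttm_dma_tt_init in the second hunk, and the same points apply there.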