[PATCH] mm/memblock.c: fix NULL dereference error

From: zijun_hu
Date: Tue Aug 02 2016 - 00:35:28 EST

Next message: Santosh Shilimkar: "[RFC PATCH] softirq: fix tasklet_kill() usage and users"
Previous message: Masahiro Yamada: "[PATCH v5 2/2] clk: uniphier: add clock data for UniPhier SoCs"
Next in thread: zijun_hu: "[PATCH] mm/memblock.c: fix NULL dereference error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

it causes NULL dereference error and failure to get type_a->regions[0] info
if parameter type_b of __next_mem_range_rev() == NULL

the bugs are fixed by checking before dereferring and initializing idx_b
to 0

the approach is tested by dumping all types of region via __memblock_dump_all()
and __next_mem_range_rev() fixed to UART separately, the result is okay after
checking the logs

Signed-off-by: zijun_hu <zijun_hu@xxxxxxx>
Tested-by: zijun_hu <zijun_hu@xxxxxxx>
Acked-by: Tejun Heo <tj@xxxxxxxxxx>
---
mm/memblock.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/mm/memblock.c b/mm/memblock.c
index ff5ff3b..250dd48 100644
--- a/mm/memblock.c
+++ b/mm/memblock.c
@@ -994,7 +994,10 @@ void __init_memblock __next_mem_range_rev(u64 *idx, int nid, ulong flags,

if (*idx == (u64)ULLONG_MAX) {
idx_a = type_a->cnt - 1;
- idx_b = type_b->cnt;
+ if (type_b != NULL)
+ idx_b = type_b->cnt;
+ else
+ idx_b = 0;
}

for (; idx_a >= 0; idx_a--) {
--
1.9.1

--------------090206090703080007050006
Content-Type: text/x-patch;
name="0002-mm-temporary-patch-for-fix-memblock-issue-test.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename*0="0002-mm-temporary-patch-for-fix-memblock-issue-test.patch"

Next message: Santosh Shilimkar: "[RFC PATCH] softirq: fix tasklet_kill() usage and users"
Previous message: Masahiro Yamada: "[PATCH v5 2/2] clk: uniphier: add clock data for UniPhier SoCs"
Next in thread: zijun_hu: "[PATCH] mm/memblock.c: fix NULL dereference error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]