[U-Boot] [PATCH] Prevent malloc with size 0

Graeme Russ graeme.russ at gmail.com
Tue Apr 3 12:35:13 CEST 2012


On 04/03/2012 09:35 AM, Graeme Russ wrote:
> Hi Jocke

> And I really need to check, but I have a sneaking suspicion that as the
> code currently stands in U-Boot/x86 dereferencing a NULL pointer won't
> cause an exception. In x86, U-Boot configures all protected mode segments
> to be 4GB starting at physical address 0x00000000 with no virtual address
> translation. Accessing physical address 0x00000000 is just as valid as
> accessing 0x00000001 (or any other address).
> 
> Now if I set segments to start at 0x00000002 then I can trap a segmentation
> fault for accesses to 0x00000000 (NULL) and 0x00000001 (malloc(0) pointer)
> 
> That will mean that U-Boot cannot ever access those two bytes of memory,
> but I doubt that I would ever want to. And I will need to set the segments
> to base address 0x00000000 before jumping into Linux...

OK, this is not as easy as it sounds. Detecting NULL pointer dereferences
will involve enabling paging[1] which is something I really do not want to
do in U-Boot. Flat Protected Mode with a 4GB linear map is perfectly fit
for purpose, and that is how the Linux kernel expects things to be
configured so it will be a major PITA to change.

In short, returning non-NULL from malloc(0) and expecting a CPU exception
when it is de-referenced is not going to fly.

If we choose this path, at least put a debug() statement in to warn when
malloc(0) is called.

Regards,

Graeme

[1] Apparently the way to do it is to reserve the entire first 4kB page and
mark it as 'not-present' so any access causes a page-fault.
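As an added example, not code from this thread or from U-Boot itself: a malloc() wrapper that implements the fallback Graeme suggests, logging every zero-size request with its call site and refusing it with NULL, so a caller that forgets to check the result cannot quietly obtain a pointer to a one-byte (or zero-byte) block. The `dbg` macro, the `malloc_checked` wrapper, the `malloc0_stats` bookkeeping and the `dup_bytes` consumer are all assumptions made for the illustration; U-Boot's real `debug()` and dlmalloc are not used, only the host libc.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bookkeeping for zero-size requests so the policy is observable at runtime
 * (hypothetical; U-Boot has no such counter). */
struct malloc0_stats {
    unsigned long zero_calls;
    const char *last_file;
    int last_line;
};
static struct malloc0_stats stats;

/* Stand-in for U-Boot's debug(): prints only when the knob is enabled. */
#define DEBUG_MALLOC0 1
#define dbg(...) do { if (DEBUG_MALLOC0) fprintf(stderr, __VA_ARGS__); } while (0)

/* Policy: a zero-size request is a caller bug on a flat-mapped x86 target,
 * where dereferencing NULL (or a 1-byte block) raises no exception, so we
 * record where it came from and return NULL instead of a usable pointer. */
void *malloc_checked_at(size_t size, const char *file, int line)
{
    if (size == 0) {
        stats.zero_calls++;
        stats.last_file = file;
        stats.last_line = line;
        dbg("malloc(0) called from %s:%d\n", file, line);
        return NULL;
    }
    return malloc(size);
}
#define malloc_checked(sz) malloc_checked_at((sz), __FILE__, __LINE__)

unsigned long malloc0_count(void) { return stats.zero_calls; }
int malloc0_last_line(void) { return stats.last_line; }
const char *malloc0_last_file(void) { return stats.last_file; }

/* Example consumer: duplicate n bytes into a fresh buffer.
 * Returns 0 on success and -1 when the allocation was refused, which
 * includes the n == 0 case; *out is NULL on failure. */
int dup_bytes(const void *src, size_t n, void **out)
{
    void *p = malloc_checked(n);
    if (!p) {
        *out = NULL;
        return -1;
    }
    memcpy(p, src, n);
    *out = p;
    return 0;
}

int main(void)
{
    void *p;
    const char sample[] = "abc";          /* constructed input */

    if (dup_bytes(sample, 3, &p) == 0) {
        printf("3-byte copy ok\n");
        free(p);
    }
    if (dup_bytes(sample, 0, &p) != 0)
        printf("zero-size request refused, %lu so far\n", malloc0_count());
    return 0;
}
```

The wrapper deliberately does not try to make the CPU trap a later dereference; as the message explains, that would need paging on x86, so the check has to happen at the allocation call instead.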

