linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [RFC] fix slub krealloc()
@ 2007-07-18 15:42 Johannes Berg
  2007-07-23 20:32 ` Christoph Lameter
  0 siblings, 1 reply; 7+ messages in thread
From: Johannes Berg @ 2007-07-18 15:42 UTC (permalink / raw)
  To: Christoph Lameter; +Cc: linux-kernel

Commit ef2ad80c7d255ed0449eda947c2d700635b7e0f5 breaks
krealloc(NULL, ...) badly, it BUG_ON()s.

This patch fixes it but the fix should probably be in mm/util.c because
the documentation says that krealloc(NULL, x, gfp) is equivalent to
kmalloc(x, gfp) and that's not true any more even after this patch when
you do krealloc(NULL, 0, gfp)

johannes

---
 mm/slub.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- wireless-dev.orig/mm/slub.c	2007-07-18 16:25:11.809440194 +0200
+++ wireless-dev/mm/slub.c	2007-07-18 16:25:22.809440194 +0200
@@ -2394,7 +2394,7 @@ size_t ksize(const void *object)
 	struct page *page;
 	struct kmem_cache *s;
 
-	if (object == ZERO_SIZE_PTR)
+	if (object == ZERO_SIZE_PTR || !object)
 		return 0;
 
 	page = get_object_page(object);



^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
  2007-07-18 15:42 [RFC] fix slub krealloc() Johannes Berg
@ 2007-07-23 20:32 ` Christoph Lameter
  2007-07-23 20:47   ` Andrew Morton
  0 siblings, 1 reply; 7+ messages in thread
From: Christoph Lameter @ 2007-07-23 20:32 UTC (permalink / raw)
  To: Johannes Berg; +Cc: linux-kernel, akpm

On Wed, 18 Jul 2007 17:42:11 +0200
Johannes Berg <johannes@sipsolutions.net> wrote:

> Commit ef2ad80c7d255ed0449eda947c2d700635b7e0f5 breaks
> krealloc(NULL, ...) badly, it BUG_ON()s.
> 
> This patch fixes it but the fix should probably be in mm/util.c
> because the documentation says that krealloc(NULL, x, gfp) is
> equivalent to kmalloc(x, gfp) and that's not true any more even after
> this patch when you do krealloc(NULL, 0, gfp)

Right. We need to fix util.c. ksize should not be called with a NULL
parameter.
Index: linux-2.6/mm/util.c
===================================================================
--- linux-2.6.orig/mm/util.c	2007-07-23 13:29:42.000000000 -0700
+++ linux-2.6/mm/util.c	2007-07-23 13:31:28.000000000 -0700
@@ -88,7 +88,11 @@ void *krealloc(const void *p, size_t new
 		return ZERO_SIZE_PTR;
 	}
 
-	ks = ksize(p);
+	if (p)
+		ks = ksize(p);
+	else
+		ks = 0;
+
 	if (ks >= new_size)
 		return (void *)p;
 

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
  2007-07-23 20:32 ` Christoph Lameter
@ 2007-07-23 20:47   ` Andrew Morton
  2007-07-23 21:37     ` Christoph Lameter
  0 siblings, 1 reply; 7+ messages in thread
From: Andrew Morton @ 2007-07-23 20:47 UTC (permalink / raw)
  To: Christoph Lameter; +Cc: Johannes Berg, linux-kernel

On Mon, 23 Jul 2007 13:32:06 -0700
Christoph Lameter <clameter@sgi.com> wrote:

> On Wed, 18 Jul 2007 17:42:11 +0200
> Johannes Berg <johannes@sipsolutions.net> wrote:
> 
> > Commit ef2ad80c7d255ed0449eda947c2d700635b7e0f5 breaks
> > krealloc(NULL, ...) badly, it BUG_ON()s.
> > 
> > This patch fixes it but the fix should probably be in mm/util.c
> > because the documentation says that krealloc(NULL, x, gfp) is
> > equivalent to kmalloc(x, gfp) and that's not true any more even after
> > this patch when you do krealloc(NULL, 0, gfp)
> 
> Right. We need to fix util.c. ksize should not be called with a NULL
> parameter.
> Index: linux-2.6/mm/util.c
> ===================================================================
> --- linux-2.6.orig/mm/util.c	2007-07-23 13:29:42.000000000 -0700
> +++ linux-2.6/mm/util.c	2007-07-23 13:31:28.000000000 -0700
> @@ -88,7 +88,11 @@ void *krealloc(const void *p, size_t new
>  		return ZERO_SIZE_PTR;
>  	}
>  
> -	ks = ksize(p);
> +	if (p)
> +		ks = ksize(p);
> +	else
> +		ks = 0;
> +
>  	if (ks >= new_size)
>  		return (void *)p;
>  

I think we already fixed this?

commit 1d4ec7b1d6f130818f9b62dea3411d9ee2ff6ff6
Author: Roland Dreier <rdreier@cisco.com>
Date:   Fri Jul 20 12:13:20 2007 -0700

    Fix ZERO_OR_NULL_PTR(ZERO_SIZE_PTR)
    
    The comparison with ZERO_SIZE_PTR in ZERO_OR_NULL_PTR() needs to be <=
    (not just <) so that ZERO_OR_NULL_PTR(ZERO_SIZE_PTR) is 1.
    
    Signed-off-by: Roland Dreier <rolandd@cisco.com>
    [ Duh!  - Linus ]
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/include/linux/slab.h b/include/linux/slab.h
index 7d0ecc1..d859354 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -40,7 +40,7 @@ #define SLAB_TRACE		0x00200000UL	/* Trac
  */
 #define ZERO_SIZE_PTR ((void *)16)
 
-#define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) < \
+#define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) <= \
 				(unsigned long)ZERO_SIZE_PTR)
 
 /*


^ permalink raw reply related	[flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
  2007-07-23 20:47   ` Andrew Morton
@ 2007-07-23 21:37     ` Christoph Lameter
  2007-07-25  8:40       ` Johannes Berg
  0 siblings, 1 reply; 7+ messages in thread
From: Christoph Lameter @ 2007-07-23 21:37 UTC (permalink / raw)
  To: Andrew Morton; +Cc: Johannes Berg, linux-kernel

On Mon, 23 Jul 2007 13:47:13 -0700
Andrew Morton <akpm@linux-foundation.org> wrote:


> > Right. We need to fix util.c. ksize should not be called with a NULL
> > parameter.
> > Index: linux-2.6/mm/util.c
> > ===================================================================
> > --- linux-2.6.orig/mm/util.c	2007-07-23 13:29:42.000000000
> > -0700 +++ linux-2.6/mm/util.c	2007-07-23 13:31:28.000000000
> > -0700 @@ -88,7 +88,11 @@ void *krealloc(const void *p, size_t new
> >  		return ZERO_SIZE_PTR;
> >  	}
> >  
> > -	ks = ksize(p);
> > +	if (p)
> > +		ks = ksize(p);
> > +	else
> > +		ks = 0;
> > +
> >  	if (ks >= new_size)
> >  		return (void *)p;
> >  
> 
> I think we already fixed this?
> 
> commit 1d4ec7b1d6f130818f9b62dea3411d9ee2ff6ff6
> Author: Roland Dreier <rdreier@cisco.com>
> Date:   Fri Jul 20 12:13:20 2007 -0700
> 
>     Fix ZERO_OR_NULL_PTR(ZERO_SIZE_PTR)

There is no use of ZERO_OR_NULL ptr in krealloc. Linus added a check to
ksize() instead so that ksize(NULL) returns 0 instead of failing.



^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
  2007-07-23 21:37     ` Christoph Lameter
@ 2007-07-25  8:40       ` Johannes Berg
  2007-07-25 18:53         ` Christoph Lameter
  0 siblings, 1 reply; 7+ messages in thread
From: Johannes Berg @ 2007-07-25  8:40 UTC (permalink / raw)
  To: Christoph Lameter; +Cc: Andrew Morton, linux-kernel

[-- Attachment #1: Type: text/plain, Size: 413 bytes --]


> > I think we already fixed this?

> >     Fix ZERO_OR_NULL_PTR(ZERO_SIZE_PTR)
> 
> There is no use of ZERO_OR_NULL ptr in krealloc. Linus added a check to
> ksize() instead so that ksize(NULL) returns 0 instead of failing.

However, this still doesn't fix the other corner case I pointed out:
krealloc(NULL, 0, GFP_KERNEL) will give you a NULL pointer instead of a
ZERO_SIZE_PTR afaict.

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
  2007-07-25  8:40       ` Johannes Berg
@ 2007-07-25 18:53         ` Christoph Lameter
  2007-07-26 14:08           ` Johannes Berg
  0 siblings, 1 reply; 7+ messages in thread
From: Christoph Lameter @ 2007-07-25 18:53 UTC (permalink / raw)
  To: Johannes Berg; +Cc: Andrew Morton, linux-kernel

On Wed, 25 Jul 2007, Johannes Berg wrote:

> > 
> > There is no use of ZERO_OR_NULL ptr in krealloc. Linus added a check to
> > ksize() instead so that ksize(NULL) returns 0 instead of failing.
> 
> However, this still doesn't fix the other corner case I pointed out:
> krealloc(NULL, 0, GFP_KERNEL) will give you a NULL pointer instead of a
> ZERO_SIZE_PTR afaict.

It will give you a ZERO_SIZE_PTR

void *krealloc(const void *p, size_t new_size, gfp_t flags)
{
        void *ret;
        size_t ks;

        if (unlikely(!new_size)) {
                kfree(p);
                return ZERO_SIZE_PTR;
        }




^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
  2007-07-25 18:53         ` Christoph Lameter
@ 2007-07-26 14:08           ` Johannes Berg
  0 siblings, 0 replies; 7+ messages in thread
From: Johannes Berg @ 2007-07-26 14:08 UTC (permalink / raw)
  To: Christoph Lameter; +Cc: Andrew Morton, linux-kernel

[-- Attachment #1: Type: text/plain, Size: 442 bytes --]

On Wed, 2007-07-25 at 11:53 -0700, Christoph Lameter wrote:

> It will give you a ZERO_SIZE_PTR
> 
> void *krealloc(const void *p, size_t new_size, gfp_t flags)
> {
>         void *ret;
>         size_t ks;
> 
>         if (unlikely(!new_size)) {
>                 kfree(p);
>                 return ZERO_SIZE_PTR;
>         }

Oh, I thought looked and it returned NULL. Did it change or did I just
look wrong? :)

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread
end of thread, other threads:[~2007-07-26 14:09 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-07-18 15:42 [RFC] fix slub krealloc() Johannes Berg
2007-07-23 20:32 ` Christoph Lameter
2007-07-23 20:47   ` Andrew Morton
2007-07-23 21:37     ` Christoph Lameter
2007-07-25  8:40       ` Johannes Berg
2007-07-25 18:53         ` Christoph Lameter
2007-07-26 14:08           ` Johannes Berg

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).