* [RFC] fix slub krealloc()
@ 2007-07-18 15:42 Johannes Berg
2007-07-23 20:32 ` Christoph Lameter
0 siblings, 1 reply; 7+ messages in thread
From: Johannes Berg @ 2007-07-18 15:42 UTC (permalink / raw)
To: Christoph Lameter; +Cc: linux-kernel
Commit ef2ad80c7d255ed0449eda947c2d700635b7e0f5 breaks
krealloc(NULL, ...) badly, it BUG_ON()s.
This patch fixes it but the fix should probably be in mm/util.c because
the documentation says that krealloc(NULL, x, gfp) is equivalent to
kmalloc(x, gfp) and that's not true any more even after this patch when
you do krealloc(NULL, 0, gfp)
johannes
---
mm/slub.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- wireless-dev.orig/mm/slub.c 2007-07-18 16:25:11.809440194 +0200
+++ wireless-dev/mm/slub.c 2007-07-18 16:25:22.809440194 +0200
@@ -2394,7 +2394,7 @@ size_t ksize(const void *object)
struct page *page;
struct kmem_cache *s;
- if (object == ZERO_SIZE_PTR)
+ if (object == ZERO_SIZE_PTR || !object)
return 0;
page = get_object_page(object);
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
2007-07-18 15:42 [RFC] fix slub krealloc() Johannes Berg
@ 2007-07-23 20:32 ` Christoph Lameter
2007-07-23 20:47 ` Andrew Morton
0 siblings, 1 reply; 7+ messages in thread
From: Christoph Lameter @ 2007-07-23 20:32 UTC (permalink / raw)
To: Johannes Berg; +Cc: linux-kernel, akpm
On Wed, 18 Jul 2007 17:42:11 +0200
Johannes Berg <johannes@sipsolutions.net> wrote:
> Commit ef2ad80c7d255ed0449eda947c2d700635b7e0f5 breaks
> krealloc(NULL, ...) badly, it BUG_ON()s.
>
> This patch fixes it but the fix should probably be in mm/util.c
> because the documentation says that krealloc(NULL, x, gfp) is
> equivalent to kmalloc(x, gfp) and that's not true any more even after
> this patch when you do krealloc(NULL, 0, gfp)
Right. We need to fix util.c. ksize should not be called with a NULL
parameter.
Index: linux-2.6/mm/util.c
===================================================================
--- linux-2.6.orig/mm/util.c 2007-07-23 13:29:42.000000000 -0700
+++ linux-2.6/mm/util.c 2007-07-23 13:31:28.000000000 -0700
@@ -88,7 +88,11 @@ void *krealloc(const void *p, size_t new
return ZERO_SIZE_PTR;
}
- ks = ksize(p);
+ if (p)
+ ks = ksize(p);
+ else
+ ks = 0;
+
if (ks >= new_size)
return (void *)p;
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
2007-07-23 20:32 ` Christoph Lameter
@ 2007-07-23 20:47 ` Andrew Morton
2007-07-23 21:37 ` Christoph Lameter
0 siblings, 1 reply; 7+ messages in thread
From: Andrew Morton @ 2007-07-23 20:47 UTC (permalink / raw)
To: Christoph Lameter; +Cc: Johannes Berg, linux-kernel
On Mon, 23 Jul 2007 13:32:06 -0700
Christoph Lameter <clameter@sgi.com> wrote:
> On Wed, 18 Jul 2007 17:42:11 +0200
> Johannes Berg <johannes@sipsolutions.net> wrote:
>
> > Commit ef2ad80c7d255ed0449eda947c2d700635b7e0f5 breaks
> > krealloc(NULL, ...) badly, it BUG_ON()s.
> >
> > This patch fixes it but the fix should probably be in mm/util.c
> > because the documentation says that krealloc(NULL, x, gfp) is
> > equivalent to kmalloc(x, gfp) and that's not true any more even after
> > this patch when you do krealloc(NULL, 0, gfp)
>
> Right. We need to fix util.c. ksize should not be called with a NULL
> parameter.
> Index: linux-2.6/mm/util.c
> ===================================================================
> --- linux-2.6.orig/mm/util.c 2007-07-23 13:29:42.000000000 -0700
> +++ linux-2.6/mm/util.c 2007-07-23 13:31:28.000000000 -0700
> @@ -88,7 +88,11 @@ void *krealloc(const void *p, size_t new
> return ZERO_SIZE_PTR;
> }
>
> - ks = ksize(p);
> + if (p)
> + ks = ksize(p);
> + else
> + ks = 0;
> +
> if (ks >= new_size)
> return (void *)p;
>
I think we already fixed this?
commit 1d4ec7b1d6f130818f9b62dea3411d9ee2ff6ff6
Author: Roland Dreier <rdreier@cisco.com>
Date: Fri Jul 20 12:13:20 2007 -0700
Fix ZERO_OR_NULL_PTR(ZERO_SIZE_PTR)
The comparison with ZERO_SIZE_PTR in ZERO_OR_NULL_PTR() needs to be <=
(not just <) so that ZERO_OR_NULL_PTR(ZERO_SIZE_PTR) is 1.
Signed-off-by: Roland Dreier <rolandd@cisco.com>
[ Duh! - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
diff --git a/include/linux/slab.h b/include/linux/slab.h
index 7d0ecc1..d859354 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -40,7 +40,7 @@ #define SLAB_TRACE 0x00200000UL /* Trac
*/
#define ZERO_SIZE_PTR ((void *)16)
-#define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) < \
+#define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) <= \
(unsigned long)ZERO_SIZE_PTR)
/*
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
2007-07-23 20:47 ` Andrew Morton
@ 2007-07-23 21:37 ` Christoph Lameter
2007-07-25 8:40 ` Johannes Berg
0 siblings, 1 reply; 7+ messages in thread
From: Christoph Lameter @ 2007-07-23 21:37 UTC (permalink / raw)
To: Andrew Morton; +Cc: Johannes Berg, linux-kernel
On Mon, 23 Jul 2007 13:47:13 -0700
Andrew Morton <akpm@linux-foundation.org> wrote:
> > Right. We need to fix util.c. ksize should not be called with a NULL
> > parameter.
> > Index: linux-2.6/mm/util.c
> > ===================================================================
> > --- linux-2.6.orig/mm/util.c 2007-07-23 13:29:42.000000000
> > -0700 +++ linux-2.6/mm/util.c 2007-07-23 13:31:28.000000000
> > -0700 @@ -88,7 +88,11 @@ void *krealloc(const void *p, size_t new
> > return ZERO_SIZE_PTR;
> > }
> >
> > - ks = ksize(p);
> > + if (p)
> > + ks = ksize(p);
> > + else
> > + ks = 0;
> > +
> > if (ks >= new_size)
> > return (void *)p;
> >
>
> I think we already fixed this?
>
> commit 1d4ec7b1d6f130818f9b62dea3411d9ee2ff6ff6
> Author: Roland Dreier <rdreier@cisco.com>
> Date: Fri Jul 20 12:13:20 2007 -0700
>
> Fix ZERO_OR_NULL_PTR(ZERO_SIZE_PTR)
There is no use of ZERO_OR_NULL ptr in krealloc. Linus added a check to
ksize() instead so that ksize(NULL) returns 0 instead of failing.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
2007-07-23 21:37 ` Christoph Lameter
@ 2007-07-25 8:40 ` Johannes Berg
2007-07-25 18:53 ` Christoph Lameter
0 siblings, 1 reply; 7+ messages in thread
From: Johannes Berg @ 2007-07-25 8:40 UTC (permalink / raw)
To: Christoph Lameter; +Cc: Andrew Morton, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 413 bytes --]
> > I think we already fixed this?
> > Fix ZERO_OR_NULL_PTR(ZERO_SIZE_PTR)
>
> There is no use of ZERO_OR_NULL ptr in krealloc. Linus added a check to
> ksize() instead so that ksize(NULL) returns 0 instead of failing.
However, this still doesn't fix the other corner case I pointed out:
krealloc(NULL, 0, GFP_KERNEL) will give you a NULL pointer instead of a
ZERO_SIZE_PTR afaict.
johannes
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
2007-07-25 8:40 ` Johannes Berg
@ 2007-07-25 18:53 ` Christoph Lameter
2007-07-26 14:08 ` Johannes Berg
0 siblings, 1 reply; 7+ messages in thread
From: Christoph Lameter @ 2007-07-25 18:53 UTC (permalink / raw)
To: Johannes Berg; +Cc: Andrew Morton, linux-kernel
On Wed, 25 Jul 2007, Johannes Berg wrote:
> >
> > There is no use of ZERO_OR_NULL ptr in krealloc. Linus added a check to
> > ksize() instead so that ksize(NULL) returns 0 instead of failing.
>
> However, this still doesn't fix the other corner case I pointed out:
> krealloc(NULL, 0, GFP_KERNEL) will give you a NULL pointer instead of a
> ZERO_SIZE_PTR afaict.
It will give you a ZERO_SIZE_PTR
void *krealloc(const void *p, size_t new_size, gfp_t flags)
{
void *ret;
size_t ks;
if (unlikely(!new_size)) {
kfree(p);
return ZERO_SIZE_PTR;
}
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [RFC] fix slub krealloc()
2007-07-25 18:53 ` Christoph Lameter
@ 2007-07-26 14:08 ` Johannes Berg
0 siblings, 0 replies; 7+ messages in thread
From: Johannes Berg @ 2007-07-26 14:08 UTC (permalink / raw)
To: Christoph Lameter; +Cc: Andrew Morton, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 442 bytes --]
On Wed, 2007-07-25 at 11:53 -0700, Christoph Lameter wrote:
> It will give you a ZERO_SIZE_PTR
>
> void *krealloc(const void *p, size_t new_size, gfp_t flags)
> {
> void *ret;
> size_t ks;
>
> if (unlikely(!new_size)) {
> kfree(p);
> return ZERO_SIZE_PTR;
> }
Oh, I thought looked and it returned NULL. Did it change or did I just
look wrong? :)
johannes
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2007-07-26 14:09 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-07-18 15:42 [RFC] fix slub krealloc() Johannes Berg
2007-07-23 20:32 ` Christoph Lameter
2007-07-23 20:47 ` Andrew Morton
2007-07-23 21:37 ` Christoph Lameter
2007-07-25 8:40 ` Johannes Berg
2007-07-25 18:53 ` Christoph Lameter
2007-07-26 14:08 ` Johannes Berg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).