| Message ID | 20200616225409.4670-1-william.kucharski@oracle.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | mm: ksize() should silently accept a NULL pointer | expand |
On Tue, Jun 16, 2020 at 04:54:09PM -0600, William Kucharski wrote: > Other mm routines such as kfree() and kzfree() silently do the right > thing if passed a NULL pointer, so ksize() should do the same. > > Signed-off-by: William Kucharski <william.kucharski@oracle.com> Nice simplification. Reviewed-by: Matthew Wilcox (Oracle) <willy@infradead.org>
On 17.06.20 00:54, William Kucharski wrote: > Other mm routines such as kfree() and kzfree() silently do the right > thing if passed a NULL pointer, so ksize() should do the same. > > Signed-off-by: William Kucharski <william.kucharski@oracle.com> > --- > mm/slab_common.c | 14 +++++--------- > 1 file changed, 5 insertions(+), 9 deletions(-) > > diff --git a/mm/slab_common.c b/mm/slab_common.c > index 9e72ba224175..2bff01ad94d8 100644 > --- a/mm/slab_common.c > +++ b/mm/slab_common.c > @@ -1660,10 +1660,9 @@ static __always_inline void *__do_krealloc(const void *p, size_t new_size, > gfp_t flags) > { > void *ret; > - size_t ks = 0; > + size_t ks; > > - if (p) > - ks = ksize(p); > + ks = ksize(p); > > if (ks >= new_size) { > p = kasan_krealloc((void *)p, new_size, flags); > @@ -1723,10 +1722,9 @@ void kzfree(const void *p) > size_t ks; > void *mem = (void *)p; > > - if (unlikely(ZERO_OR_NULL_PTR(mem))) > - return; > ks = ksize(mem); > - memset(mem, 0, ks); > + if (ks) > + memset(mem, 0, ks); > kfree(mem); > } > EXPORT_SYMBOL(kzfree); > @@ -1749,8 +1747,6 @@ size_t ksize(const void *objp) > { > size_t size; > > - if (WARN_ON_ONCE(!objp)) > - return 0; > /* > * We need to check that the pointed to object is valid, and only then > * unpoison the shadow memory below. We use __kasan_check_read(), to > @@ -1764,7 +1760,7 @@ size_t ksize(const void *objp) > * We want to perform the check before __ksize(), to avoid potentially > * crashing in __ksize() due to accessing invalid metadata. > */ > - if (unlikely(objp == ZERO_SIZE_PTR) || !__kasan_check_read(objp, 1)) > + if (unlikely(ZERO_OR_NULL_PTR(objp)) || !__kasan_check_read(objp, 1)) > return 0; > > size = __ksize(objp); > Reviewed-by: David Hildenbrand <david@redhat.com>
On Tue, 16 Jun 2020, William Kucharski wrote: > Other mm routines such as kfree() and kzfree() silently do the right > thing if passed a NULL pointer, so ksize() should do the same. Ok so the size of an no object pointer is zero? Ignoring the freeing of a nonexisting object makes sense. But determining it size?
On Wed, Jun 17, 2020 at 04:23:04PM +0000, Christopher Lameter wrote: > On Tue, 16 Jun 2020, William Kucharski wrote: > > > Other mm routines such as kfree() and kzfree() silently do the right > > thing if passed a NULL pointer, so ksize() should do the same. > > Ok so the size of an no object pointer is zero? Ignoring the freeing > of a nonexisting object makes sense. But determining it size? ksize() is misnamed. It's not the size of the object, it's the number of bytes allocated for that object. A NULL pointer represents a freed object, or one that was never allocated in the first place. Clearly that's 0 bytes. What other answer would make sense?
diff --git a/mm/slab_common.c b/mm/slab_common.c index 9e72ba224175..2bff01ad94d8 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -1660,10 +1660,9 @@ static __always_inline void *__do_krealloc(const void *p, size_t new_size, gfp_t flags) { void *ret; - size_t ks = 0; + size_t ks; - if (p) - ks = ksize(p); + ks = ksize(p); if (ks >= new_size) { p = kasan_krealloc((void *)p, new_size, flags); @@ -1723,10 +1722,9 @@ void kzfree(const void *p) size_t ks; void *mem = (void *)p; - if (unlikely(ZERO_OR_NULL_PTR(mem))) - return; ks = ksize(mem); - memset(mem, 0, ks); + if (ks) + memset(mem, 0, ks); kfree(mem); } EXPORT_SYMBOL(kzfree); @@ -1749,8 +1747,6 @@ size_t ksize(const void *objp) { size_t size; - if (WARN_ON_ONCE(!objp)) - return 0; /* * We need to check that the pointed to object is valid, and only then * unpoison the shadow memory below. We use __kasan_check_read(), to @@ -1764,7 +1760,7 @@ size_t ksize(const void *objp) * We want to perform the check before __ksize(), to avoid potentially * crashing in __ksize() due to accessing invalid metadata. */ - if (unlikely(objp == ZERO_SIZE_PTR) || !__kasan_check_read(objp, 1)) + if (unlikely(ZERO_OR_NULL_PTR(objp)) || !__kasan_check_read(objp, 1)) return 0; size = __ksize(objp);
Other mm routines such as kfree() and kzfree() silently do the right thing if passed a NULL pointer, so ksize() should do the same. Signed-off-by: William Kucharski <william.kucharski@oracle.com> --- mm/slab_common.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-)