On Fri, Dec 01, 2017 at 01:45:09PM -0800, Jakub Kicinski wrote:
> On Fri, 1 Dec 2017 22:36:52 +0100, Phil Sutter wrote:
> > On Fri, Dec 01, 2017 at 12:14:07PM -0800, Jakub Kicinski wrote:
> > > On Fri, 1 Dec 2017 14:43:06 +0100, Phil Sutter wrote:  
> > > > On Thu, Nov 30, 2017 at 05:35:39PM -0800, Jakub Kicinski wrote:
> > > > [...]  
> > > > > +static int nsim_vfs_enable(struct netdevsim *ns, unsigned int 
> > > > > num_vfs)
> > > > > +{
> > > > > +     ns->vfconfigs = kcalloc(num_vfs, sizeof(struct nsim_vf_config),
> > > > > +                             GFP_KERNEL);
> > > > > +     if (!ns->vfconfigs)
> > > > > +             return -ENOMEM;
> > > > > +     ns->num_vfs = num_vfs;
> > > > > +
> > > > > +     return 0;
> > > > > +}
> > > > > +
> > > > > +static void nsim_vfs_disable(struct netdevsim *ns)
> > > > > +{
> > > > > +     kfree(ns->vfconfigs);
> > > > > +     ns->vfconfigs = NULL;
> > > > > +     ns->num_vfs = 0;
> > > > > +}    
> > > > 
> > > > Why not something like:
> > > > 
> > > > | static int nsim_vfs_set(struct netdevsim *ns, unsigned int num_vfs)
> > > > | {
> > > > |       void *ptr = krealloc(ns->vfconfigs,
> > > > |                            num_vfs * sizeof(struct nsim_vf_config),
> > > > |                            GFP_KERNEL);
> > > > | 
> > > > |       if (!ptr)
> > > > |               return -ENOMEM;
> > > > | 
> > > > |       ns->vfconfigs = ptr;
> > > > |       ns->num_vfs = num_vfs;
> > > > |       return 0;
> > > > | }  
> > > 
> > > Um.  It either frees or allocates, never reallocates so I felt realloc
> > > is misleading.  ZERO_SIZE_PTR is less clearly a NULL than a NULL.  I
> > > will have to specify __GFP_ZERO.  It's not a calloc so there could be
> > > potentially some overflows?  
> > 
> > I don't understand: How can overflows happen if I use malloc() instead
> > of calloc()?
> 
> The multiplication may overflow.  That's why we have kmalloc_array().
> Note this explicit check in kmalloc_array() (which is also called by
> kcalloc):
> 
>       if (size != 0 && n > SIZE_MAX / size)
>               return NULL;
> 
> Where:
> 
> #define SIZE_MAX      (~(size_t)0)

Ah, I see. Thanks for educating me on this!

> > > > > +     ret = count;
> > > > > +exit_unlock:
> > > > > +     rtnl_unlock();
> > > > > +
> > > > > +     return ret;
> > > > > +}    
> > > > 
> > > > [...]
> > > >   
> > > > > +static void nsim_free(struct net_device *dev)
> > > > > +{
> > > > > +     struct netdevsim *ns = netdev_priv(dev);
> > > > > +
> > > > > +     device_unregister(&ns->dev);
> > > > >  }    
> > > > 
> > > > Shouldn't this also kfree(ns->vfconfigs)?  
> > > 
> > > It's in uninit, I will move it to release.  
> > 
> > Oh, I missed that. If you're certain this won't lead to memleaks, no
> > objection from my side. :)
> 
> OK, I will respin v3 with the free moved :)

So it did leak? I'm glad the traffic I caused wasn't completely
pointless then. :)

Thanks, Phil

Reply via email to