[PATCH v2 01/16] slab: Remove __malloc attribute from realloc functions

Kees Cook keescook at chromium.org
Wed Sep 28 17:13:12 UTC 2022 

On Wed, Sep 28, 2022 at 09:26:15AM +0200, Geert Uytterhoeven wrote:
> Hi Kees,
> 
> On Fri, Sep 23, 2022 at 10:35 PM Kees Cook <keescook at chromium.org> wrote:
> > The __malloc attribute should not be applied to "realloc" functions, as
> > the returned pointer may alias the storage of the prior pointer. Instead
> > of splitting __malloc from __alloc_size, which would be a huge amount of
> > churn, just create __realloc_size for the few cases where it is needed.
> >
> > Additionally removes the conditional test for __alloc_size__, which is
> > always defined now.
> >
> > Cc: Christoph Lameter <cl at linux.com>
> > Cc: Pekka Enberg <penberg at kernel.org>
> > Cc: David Rientjes <rientjes at google.com>
> > Cc: Joonsoo Kim <iamjoonsoo.kim at lge.com>
> > Cc: Andrew Morton <akpm at linux-foundation.org>
> > Cc: Vlastimil Babka <vbabka at suse.cz>
> > Cc: Roman Gushchin <roman.gushchin at linux.dev>
> > Cc: Hyeonggon Yoo <42.hyeyoo at gmail.com>
> > Cc: Marco Elver <elver at google.com>
> > Cc: linux-mm at kvack.org
> > Signed-off-by: Kees Cook <keescook at chromium.org>
> 
> Thanks for your patch, which is now commit 63caa04ec60583b1 ("slab:
> Remove __malloc attribute from realloc functions") in next-20220927.
> 
> Noreply at ellerman.id.au reported all gcc8-based builds to fail
> (e.g. [1], more at [2]):
> 
>     In file included from <command-line>:
>     ./include/linux/percpu.h: In function ‘__alloc_reserved_percpu’:
>     ././include/linux/compiler_types.h:279:30: error: expected
> declaration specifiers before ‘__alloc_size__’
>      #define __alloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__) __malloc
>                                   ^~~~~~~~~~~~~~
>     ./include/linux/percpu.h:120:74: note: in expansion of macro ‘__alloc_size’
>     [...]
> 
> It's building fine with e.g. gcc-9 (which is my usual m68k cross-compiler).
> Reverting this commit on next-20220927 fixes the issue.
> 
> [1] http://kisskb.ellerman.id.au/kisskb/buildresult/14803908/
> [2] http://kisskb.ellerman.id.au/kisskb/head/1bd8b75fe6adeaa89d02968bdd811ffe708cf839/

Eek! Thanks for letting me know. I'm confused about this --
__alloc_size__ wasn't optional in compiler_attributes.h -- but obviously
I broke something! I'll go figure this out.

-Kees

-- 
Kees Cook

More information about the dri-devel mailing list