From: Dan Carpenter <error27@gmail.com>
To: Matthew Wilcox <willy@infradead.org>
Cc: ksummit@lists.linux.dev
Subject: Re: [TECH TOPIC] Implementing malloc
Date: Mon, 29 Jun 2026 18:07:43 +0300 [thread overview]
Message-ID: <akKKP4SlVs846Qp0@stanley.mountain> (raw)
In-Reply-To: <akKBVsFBro_4QM74@casper.infradead.org>
On Mon, Jun 29, 2026 at 03:29:42PM +0100, Matthew Wilcox wrote:
> malloc() is a standard part of the C library. Yet we force new Linux
> programmers to learn the difference between vmalloc(), kmalloc() and
> kvmalloc(). They even have to acquire an understanding of the difference
> between GFP_KERNEL and GFP_ATOMIC. If they are particularly unlucky,
> they may have to understand other combinations of GFP flags.
>
> This topic proposes that we should implement malloc() and calloc().
> Various options will be discussed, their increasing implementation
> complexity corresponding to utility in a greater range of situations.
> This will also benefit Rust as we can use the same infrastructure to
> implement std::alloc.
>
> We'll also discuss the semantics of corner cases (fallibility, zero
> sized allocations, overflowing allocations and very large allocations)
> as well as out-of-bounds and use-after-free detection.
I'm not sure I understand. You're saying that it's too complicated
and then you're suggesting we introduce a new kind of allocation function
as the fix. It feels like the classic XKCD comic about standards:
https://xkcd.com/927/
Are we just collecting a wish list?
I wish that we would just acknowledge say that small allocations cannot
fail. We could add a BUILD_BUG_ON() in km/zalloc_obj() which ensures that
it is only used for small allocations. Then we could remove all the
error handling from those.
With regards to use after frees, my impression is that the places which
use caches are the worst affected and also where we do the worst at
detecting them? Does KASAN detect use after frees with kmem_cache and
mempools?
regards,
dan carpenter
next prev parent reply other threads:[~2026-06-29 15:07 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-29 14:29 [TECH TOPIC] Implementing malloc Matthew Wilcox
2026-06-29 15:07 ` Dan Carpenter [this message]
2026-06-29 15:21 ` H. Peter Anvin
2026-06-29 15:31 ` Matthew Wilcox
2026-06-29 16:00 ` Vlastimil Babka (SUSE)
2026-06-29 16:37 ` H. Peter Anvin
2026-06-29 16:48 ` Alexey Dobriyan
2026-06-29 16:48 ` H. Peter Anvin
2026-06-29 18:19 ` Matthew Wilcox
2026-06-29 18:22 ` H. Peter Anvin
2026-06-29 18:29 ` Mark Brown
2026-06-29 18:37 ` Vlastimil Babka (SUSE)
2026-06-30 18:53 ` Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=akKKP4SlVs846Qp0@stanley.mountain \
--to=error27@gmail.com \
--cc=ksummit@lists.linux.dev \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.