Re: [PATCH] rust: alloc: fix dangling pointer in VecExt<T>::reserve()

public inbox for rust-for-linux@vger.kernel.org
 help / color / mirror / Atom feed

From: Boqun Feng <boqun.feng@gmail.com>
To: Danilo Krummrich <dakr@redhat.com>
Cc: ojeda@kernel.org, alex.gaynor@gmail.com, wedsonaf@gmail.com,
	gary@garyguo.net, bjorn3_gh@protonmail.com,
	benno.lossin@proton.me, a.hindborg@samsung.com,
	aliceryhl@google.com, rust-for-linux@vger.kernel.org
Subject: Re: [PATCH] rust: alloc: fix dangling pointer in VecExt<T>::reserve()
Date: Mon, 29 Apr 2024 15:01:10 -0700	[thread overview]
Message-ID: <ZjAYpsFROI9agY_L@boqun-archlinux> (raw)
In-Reply-To: <8b68878e-2ddd-4f31-9f82-4abe638bf148@redhat.com>

On Mon, Apr 29, 2024 at 11:01:45PM +0200, Danilo Krummrich wrote:
> On 4/29/24 21:52, Boqun Feng wrote:
> > On Mon, Apr 29, 2024 at 09:24:04PM +0200, Danilo Krummrich wrote:
> > > Currently, a Vec<T>'s ptr value, after calling Vec<T>::new(), is
> > > initialized to Unique::dangling(). Hence, in VecExt<T>::reserve(), we're
> > > passing a dangling pointer (instead of NULL) to krealloc() whenever a
> > > new Vec<T> is created through VecExt<T> extension functions.
> > > 
> > > This only works since it happens that Unique::dangling()'s value (0x1)
> > > falls within the range between 0x0 and ZERO_SIZE_PTR (0x10) and
> > > krealloc() hence treats it the same as a NULL pointer however.
> > > 
> > 
> > Good catch!
> > 
> > > This isn't a case we should rely on, especially since other kernel
> > > allocators are not as tolerant. Instead, pass a real NULL pointer to
> > > krealloc_aligned() if Vec<T>'s capacity is zero.
> > > 
> > > Fixes: 5ab560ce12ed ("rust: alloc: update `VecExt` to take allocation flags")
> > 
> > However, since this commit is not upstreamed yet, so it's suject to
> > change, I'd avoid the "Fixes" tag here. Alternatively, Miguel can fold
> > this patch into that commit in his tree.
> 
> I'd be surprised if rust-next wouldn't be fast-forward only, is it? If

Well, I cannot speak for Miguel, but there's no guarantee of that IMO.

> fast-forward only, the commit IDs should be preserved on merge, hence it should
> be fine to keep the "Fixes" tag.
> 
> As for squashing fixes into existing commits, this is something I would generally
> not recommend doing. This would be a non-fast-forward operation and hence break
> potential references to other commits in general (not only "Fixes" tags). Plus,

Yes, but here what you fix is a bug, and generally, if we find a bug in
some commit and that commit is not upstreamed, we should rework that
commit other than introducing another patch that fixes the bug. It'll
provide better bisect and less confusion. It's the same reason that why
we don't allow a patch series to include a bug in the middle.

> it's usually not providing a great motivation for potential contributors.
> 

With proper SoB tags and other tags, I don't see a big difference here,
or I'm missing something subtle?

Regards,
Boqun

> - Danilo
> 
[...]

next prev parent reply	other threads:[~2024-04-29 22:01 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-29 19:24 [PATCH] rust: alloc: fix dangling pointer in VecExt<T>::reserve() Danilo Krummrich
2024-04-29 19:52 ` Boqun Feng
2024-04-29 21:01   ` Danilo Krummrich
2024-04-29 22:01     ` Boqun Feng [this message]
2024-04-30 16:42       ` Danilo Krummrich
2024-04-30 18:33         ` Boqun Feng
2024-04-30 20:46           ` Danilo Krummrich
2024-04-30 20:59             ` Boqun Feng
2024-04-30 21:08               ` Boqun Feng
2024-04-30 22:19                 ` Danilo Krummrich
2024-04-30 22:41                   ` Boqun Feng
2024-04-30 22:06             ` Boqun Feng
2024-04-30 22:44     ` Miguel Ojeda
2024-04-30  8:25 ` Alice Ryhl
2024-04-30 12:07   ` Danilo Krummrich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZjAYpsFROI9agY_L@boqun-archlinux \
    --to=boqun.feng@gmail.com \
    --cc=a.hindborg@samsung.com \
    --cc=alex.gaynor@gmail.com \
    --cc=aliceryhl@google.com \
    --cc=benno.lossin@proton.me \
    --cc=bjorn3_gh@protonmail.com \
    --cc=dakr@redhat.com \
    --cc=gary@garyguo.net \
    --cc=ojeda@kernel.org \
    --cc=rust-for-linux@vger.kernel.org \
    --cc=wedsonaf@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox