git: 72821668b039 - main - stand/kmem_zalloc: panic when a M_WAITOK allocation fails

Warner Losh imp at FreeBSD.org
Fri Jul 9 17:26:57 UTC 2021


The branch main has been updated by imp:

URL: https://cgit.FreeBSD.org/src/commit/?id=72821668b039c276914569e9caa1cdfa4e4cb674

commit 72821668b039c276914569e9caa1cdfa4e4cb674
Author:     Warner Losh <imp at FreeBSD.org>
AuthorDate: 2021-07-09 17:21:18 +0000
Commit:     Warner Losh <imp at FreeBSD.org>
CommitDate: 2021-07-09 17:21:18 +0000

    stand/kmem_zalloc: panic when a M_WAITOK allocation fails
    
    Malloc() might return NULL, in which case we will panic with a NULL
    pointer deref. Make it panic when the allocation fails to preserve the
    postcondition that we never return a NULL value.
    
    Reviewed by:            tsoome
    PR:                     249859
    Sponsored by:           Netflix
    Differential Revision:  https://reviews.freebsd.org/D31106
---
 sys/sys/malloc.h | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/sys/sys/malloc.h b/sys/sys/malloc.h
index 0c585c5a0dcf..b8c2788edd44 100644
--- a/sys/sys/malloc.h
+++ b/sys/sys/malloc.h
@@ -298,16 +298,20 @@ extern void *Malloc(size_t bytes, const char *file, int line);
  * flags mean anything and there's no need declare malloc types.
  * Define the simple alloc / free routines in terms of Malloc and
  * Free. None of the kernel features that this stuff disables are needed.
- *
- * XXX we are setting ourselves up for a potential crash if we can't allocate
- * memory for a M_WAITOK call.
  */
-#define M_WAITOK 0
+#define M_WAITOK 1
 #define M_ZERO 0
-#define M_NOWAIT 0
+#define M_NOWAIT 2
 #define MALLOC_DECLARE(x)
 
-#define kmem_zalloc(size, flags) Malloc((size), __FILE__, __LINE__)
+#define kmem_zalloc(size, flags) ({					\
+	void *p = Malloc((size), __FILE__, __LINE__);			\
+	if (p == NULL && (flags &  M_WAITOK) != 0)			\
+		panic("Could not malloc %zd bytes with M_WAITOK from %s line %d", \
+		    (size_t)size, __FILE__, __LINE__);			\
+	p;								\
+})
+
 #define kmem_free(p, size) Free(p, __FILE__, __LINE__)
 
 /*
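Review bot: The new `kmem_zalloc` macro uses its arguments unparenthesized, so `(flags &  M_WAITOK)` and `(size_t)size` mis-parse when a caller passes an expression such as `a | b` or `n + 1`, and the M_WAITOK test or the reported size can then be wrong. I would write `((flags) & M_WAITOK) != 0` and `(size_t)(size)`, and use `%zu` instead of `%zd` because the argument is a `size_t`. The temporary named `p` can also capture a caller's own `p` inside the size expression; for example `sizeof(*p)` would then refer to the macro's `void *` and, with the GNU void-size extension, would likely evaluate to 1 and under-allocate, so a less collision-prone name such as `kmem_zalloc_ptr_` is safer. On the M_NOWAIT path the macro still returns NULL, so every caller passing KM_NOSLEEP has to check the result before use.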
@@ -315,5 +319,6 @@ extern void *Malloc(size_t bytes, const char *file, int line);
  * M_WAITOK. Given the above, it will also be a nop.
  */
 #define KM_SLEEP M_WAITOK
+#define KM_NOSLEEP M_NOWAIT
 #endif /* _STANDALONE */
 #endif /* !_SYS_MALLOC_H_ */
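Review bot: The context comment ending `Given the above, it will also be a nop.` looks stale after this commit, because M_WAITOK is now 1 and makes `kmem_zalloc` panic on failure instead of doing nothing. The comment starts above the hunk, so only its tail is visible here. I would reword it along the lines of `KM_SLEEP maps to M_WAITOK (panic on failure); KM_NOSLEEP maps to M_NOWAIT (may return NULL, caller must check).`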

