From: Dmitry Kozlyuk <dmitry.kozliuk@gmail.com>
To: okaya@kernel.org
Cc: dev@dpdk.org
Subject: Re: [PATCH v2 05/11] malloc: malloc_elem_join_adjacent_free can return null
Date: Tue, 22 Nov 2022 18:52:26 +0300 [thread overview]
Message-ID: <20221122185226.4662bd66@sovereign> (raw)
In-Reply-To: <20221121223208.1147154-6-okaya@kernel.org>
2022-11-21 17:32 (UTC-0500), okaya@kernel.org:
> From: Sinan Kaya <okaya@kernel.org>
>
> In malloc_heap_add_memory result of call to malloc_elem_join_adjacent_free
> is dereferenced here and may be null.
It may not:
"malloc_elem_join_adjacent_free()" never returns NULL by definition.
Would annotating "malloc_elem_join_adjacent_free()" result
(and maybe the argument too)
convince codeql that the check is not needed?
A comment to the series:
I'm against adding extra checks *only* to silence some tool,
not because they're overly defensive,
but because they misrepresent the code assumptions,
making the understanding harder.
Returning false if assumptions are broken is arguably no better then crashing,
because this means that either the internal state is inconsistent
or the caller has supplied invalid arguments (logical error up the stack).
next prev parent reply other threads:[~2022-11-22 15:52 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-21 22:31 [PATCH v2 00/11] codeql fixes for various subsystems okaya
2022-11-21 22:32 ` [PATCH v2 01/11] ethdev: check return result of rte_eth_dev_info_get okaya
2022-11-21 22:32 ` [PATCH v2 02/11] net/tap: check if name is null okaya
2022-11-21 22:32 ` [PATCH v2 03/11] memzone: check result of rte_fbarray_get okaya
2022-11-21 22:32 ` [PATCH v2 04/11] memzone: check result of malloc_elem_from_data okaya
2022-11-22 15:52 ` Dmitry Kozlyuk
2022-11-21 22:32 ` [PATCH v2 05/11] malloc: malloc_elem_join_adjacent_free can return null okaya
2022-11-22 15:52 ` Dmitry Kozlyuk [this message]
2022-11-21 22:32 ` [PATCH v2 06/11] malloc: check result of rte_mem_virt2memseg_list okaya
2022-11-22 15:52 ` Dmitry Kozlyuk
2022-11-21 22:32 ` [PATCH v2 07/11] malloc: check result of rte_fbarray_get okaya
2022-11-22 15:52 ` Dmitry Kozlyuk
2022-11-21 22:32 ` [PATCH v2 08/11] malloc: check result of rte_mem_virt2memseg okaya
2022-11-22 15:52 ` Dmitry Kozlyuk
2022-11-21 22:32 ` [PATCH v2 09/11] malloc: check result of malloc_elem_free okaya
2022-11-22 15:52 ` Dmitry Kozlyuk
2022-11-22 15:24 ` [PATCH v2 00/11] codeql fixes for various subsystems David Marchand
2022-11-22 15:26 ` Sinan Kaya
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221122185226.4662bd66@sovereign \
--to=dmitry.kozliuk@gmail.com \
--cc=dev@dpdk.org \
--cc=okaya@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).