
On 02.07.24 21:42, Richard Weinberger wrote:
The zalloc() function suffers from two problems.
- If memalign() fails it will return NULL and memset() will use a NULL pointer.
- memalign() itself seems to crash when more than 2^32 bytes are requested.
So, check the return value of memalign() and allocate only if size is less than CONFIG_SYS_MALLOC_LEN.
Signed-off-by: Richard Weinberger <richard@nod.at>
FWIW, I didn't investigate further why memalign() fails for large sizes. Maybe this is an issue on its own.
Thanks, //richard
fs/ext4/ext4_common.h | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/ext4_common.h b/fs/ext4/ext4_common.h index 84500e990a..0d1f72ae01 100644 --- a/fs/ext4/ext4_common.h +++ b/fs/ext4/ext4_common.h @@ -43,8 +43,14 @@
static inline void *zalloc(size_t size) {
- void *p = memalign(ARCH_DMA_MINALIGN, size);
- memset(p, 0, size);
- void *p = NULL;
- if (size < CONFIG_SYS_MALLOC_LEN)
p = memalign(ARCH_DMA_MINALIGN, size);
Memalign() is called in many code locations.
If memalign() has a bug, it needs to be fixed in memalign. We should not try to work around it in all callers.
Best regards
Heinrich
- if (p)
memset(p, 0, size);
- return p; }
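Review bot: the `if (size < CONFIG_SYS_MALLOC_LEN)` guard papers over the memalign() crash in this one caller rather than fixing it, and it is not even an accurate bound: the heap is CONFIG_SYS_MALLOC_LEN in total, so a request below that limit can still fail once other allocations are live, which memalign() already reports by returning NULL. Keep the `if (p)` check before `memset(p, 0, size);` and drop the size comparison; the oversized-request case belongs in memalign() itself, where it should return NULL instead of crashing. Note also that zalloc() now returns NULL where it previously crashed, so every ext4 call site that uses the result needs its own NULL handling or the fault simply moves one frame up.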