mprotect.c : Deferencing a Null Pointer ?

[kingkhan2006]

Hi ,
In the following code snippet from a 2.4 kernel (mm/mprotect.c) .Two identical calls kmem_cache_alloc are addressed differently on failure return.
the left= kmem_cache_alloc call returns ENOMEM on failure ,whereas subsequently failrure in right = kmem_cache_alloc first calls kmem_cache before returning ENOMEM failure.
Isn't the latter case : "deferencing a Null pointer" ?


static inline int mprotect_fixup_middle(struct vm_area_struct * vma, struct vm_area_struct ** pprev,
unsigned long start, unsigned long end,
int newflags, pgprot_t prot)
{
struct vm_area_struct * left, * right;

left = kmem_cache_alloc(vm_area_cachep, SLAB_KERNEL);
if (!left)
return -ENOMEM;
right = kmem_cache_alloc(vm_area_cachep, SLAB_KERNEL);
if (!right) {
kmem_cache_free(vm_area_cachep, left);
return -ENOMEM;
}


Regards
king khan

[fernape]

If I don't missundestand your question, you think that the "left" pointer in kmem_cache_free is null, but if the code reaches that line is because the left node was assigned. I.e. if the left pointer couldn't be assigned then exit the function.
If it was, try to allocate the right node... if it can't be done, then deallocate the previous left node (housekeeping, we don't want that the kernel waste our memory )

Code:

static inline int mprotect_fixup_middle(struct vm_area_struct * vma, struct vm_area_struct ** pprev,
unsigned long start, unsigned long end,
int newflags, pgprot_t prot)
{
struct vm_area_struct * left, * right;

left = kmem_cache_alloc(vm_area_cachep, SLAB_KERNEL);
if (!left)
  return -ENOMEM; /*Exiting the function*/


/*If we are here is because left was successfully assigned*/
right = kmem_cache_alloc(vm_area_cachep, SLAB_KERNEL);
if (!right) {
  /*Cause the right node failed on assigment, we free the previous allocated vm_area_struct*/
  kmem_cache_free(vm_area_cachep, left);
  return -ENOMEM;
}

If I'm wrong or I don't understand your question, let us know.

Best Regards