Re: [PATCH v2] mm/slub: preserve original size in _kmalloc_nolock_noprof retry path

From: Hao Li

Date: Fri Jun 05 2026 - 03:43:59 EST


On Thu, Jun 04, 2026 at 08:27:32PM +0800, hu.shengming@xxxxxxxxxx wrote:
> From: Shengming Hu <hu.shengming@xxxxxxxxxx>
>
> _kmalloc_nolock_noprof() retries from the next kmalloc bucket when the
> initial allocation fails. The retry currently reuses `size` as the
> bucket selector and overwrites it with s->object_size + 1.
>
> That value is later passed as the original allocation size to
> __slab_alloc_node(), slab_post_alloc_hook() and kasan_kmalloc(). On a
> successful retry this makes KASAN/slub-debug observe the retry bucket
> selector rather than the caller-requested size, potentially widening the
> valid kmalloc range and hiding overflows.
>
> Keep the caller-requested size separately as orig_size and pass it to
> the allocation/debug/KASAN paths. Continue using `size` as the retry cache
> selector.
>
> Fixes: af92793e52c3 ("slab: Introduce kmalloc_nolock() and kfree_nolock()")
> Signed-off-by: Shengming Hu <hu.shengming@xxxxxxxxxx>
> ---
> Changes in v2:
> - Use an explicit orig_size variable instead of bucket_size, as suggested
> by Harry and Vlastimil.
> - Link to v1: https://lore.kernel.org/all/20260603211011530GqLSXP_rgcuQdR47IGQLL@xxxxxxxxxx/
>

LGTM.

Reviewed-by: Hao Li <hao.li@xxxxxxxxx>

--
Thanks,
Hao
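To make the failure mode in the quoted description concrete, here is an added toy model (not the kernel's code, not part of the patch or this thread) of a retry loop that walks up the kmalloc buckets. It assumes a hypothetical `pick_bucket()` that returns the smallest bucket object size that fits, an `empty_fn` callback standing in for whatever makes the lockless fast path fail, and a redzone check `access_ok()` that, like KASAN/slub-debug, trusts the size it is handed as the original request. The bucket sizes and the scenario in which the 32 and 64 byte buckets fail are constructed for the example.

```c
#include <stddef.h>
#include <stdbool.h>

/* Constructed toy bucket table; not the kernel's kmalloc size classes. */
static const size_t bucket_sizes[] = {8, 16, 32, 64, 96, 128, 192, 256};
#define NBUCKETS (sizeof(bucket_sizes) / sizeof(bucket_sizes[0]))

/* Hypothetical selector: smallest bucket whose object_size >= size, 0 if none. */
size_t pick_bucket(size_t size)
{
	for (size_t i = 0; i < NBUCKETS; i++)
		if (bucket_sizes[i] >= size)
			return bucket_sizes[i];
	return 0;
}

/* Result of a simulated allocation: the bucket used and the size that the
 * debug/KASAN hooks were told was the original request. */
struct alloc_result {
	size_t object_size;
	size_t recorded_size;
};

/* Stand-in for "the lockless allocation from this bucket failed". */
typedef bool (*empty_fn)(size_t object_size);

/* Old behaviour: `size` is both the bucket selector and the value later
 * passed on as the original size; each retry overwrites it with
 * object_size + 1, so a successful retry records the selector. */
struct alloc_result alloc_retry_old(size_t size, empty_fn empty)
{
	struct alloc_result r = {0, 0};

	for (;;) {
		size_t object_size = pick_bucket(size);

		if (object_size == 0)
			return r;		/* ran out of buckets */
		if (!empty(object_size)) {
			r.object_size = object_size;
			r.recorded_size = size;	/* selector, not the request */
			return r;
		}
		size = object_size + 1;		/* move to the next bucket */
	}
}

/* Fixed behaviour: orig_size is kept separately and is what the debug
 * hooks see; `size` remains only the retry bucket selector. */
struct alloc_result alloc_retry_fixed(size_t orig_size, empty_fn empty)
{
	struct alloc_result r = {0, 0};
	size_t size = orig_size;

	for (;;) {
		size_t object_size = pick_bucket(size);

		if (object_size == 0)
			return r;
		if (!empty(object_size)) {
			r.object_size = object_size;
			r.recorded_size = orig_size;
			return r;
		}
		size = object_size + 1;
	}
}

/* Toy redzone check in the spirit of KASAN/slub-debug: a byte access at
 * `offset` is in bounds only if it lies below the recorded request size. */
bool access_ok(struct alloc_result r, size_t offset)
{
	return offset < r.recorded_size;
}

/* Constructed scenario: the 32 and 64 byte buckets cannot be used. */
bool empty_32_64(size_t object_size)
{
	return object_size == 32 || object_size == 64;
}
```

With a 20 byte request, both variants end up in the 96 byte bucket after two retries, but the old loop records 65 as the "original" size, so a write at offset 40 (20 bytes past the request) passes the redzone check; the fixed loop records 20 and the same write is flagged.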