<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 30, 2013 at 7:24 AM, Jeff Darcy <span dir="ltr"><<a href="mailto:jdarcy@redhat.com" target="_blank">jdarcy@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On 04/30/2013 07:31 AM, Vijay Bellur wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 04/30/2013 06:10 AM, Jeff Darcy wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 04/29/2013 01:38 PM, Vijay Bellur wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
There are a lot of places where we make an<br>
implicit assumption that GF_CALLOC and the likes memset the memory area<br>
to zero.<br>
</blockquote>
<br>
Actually I was a bit disturbed recently when I found that at least one<br>
member of that family (don't remember which) *doesn't* do that. I meant<br>
to go through and check which code relied on that unmet assumption, but<br>
then something else came up and I never got back to it.<br>
<br>
<br>
</blockquote>
<br>
I did a quick scan of mem-pool.c but failed to notice anything obvious. If you<br>
happen to notice it again, it should be worth a patch.<br>
</blockquote>
<br>
<br></div>
Mem-pool does zero memory, but none of GF_CALLOC, GF_MALLOC, or GF_REALLOC do. For example, GF_CALLOC just calls __gf_calloc which just calls calloc.<br>
<br>
108 req_size = nmemb * size;<br>
109 tot_size = req_size + GF_MEM_HEADER_SIZE + GF_MEM_TRAILER_SIZE;<br>
110<br>
111 ptr = calloc (1, tot_size);<br>
<br></blockquote><div><br></div><div style>calloc() is doing the zeroing.. no?</div><div style><br></div><div style>Avati</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
The only thing after that is gf_mem_set_acct_info, which doesn't (and shouldn't) zero memory. Nonetheless, the assumption you refer to is common in code which calls these functions. Code which has been converted to use mem-pool is safe, but that leaves a lot of code which is still unsafe.<div class="HOEnZb">
<div class="h5"><br>
<br>
______________________________<u></u>_________________<br>
Gluster-devel mailing list<br>
<a href="mailto:Gluster-devel@nongnu.org" target="_blank">Gluster-devel@nongnu.org</a><br>
<a href="https://lists.nongnu.org/mailman/listinfo/gluster-devel" target="_blank">https://lists.nongnu.org/<u></u>mailman/listinfo/gluster-devel</a><br>
</div></div></blockquote></div><br></div></div>