> dinghao.liu@ wrote: > > > Ira Weiny wrote: > > > > Dinghao Liu wrote:
[snip] > > > > > > > > This does not quite work. > > > > > > > > free_arenas() is used in the error paths of create_arenas() and > > > > discover_arenas(). In those cases devm_kfree() is probably a better way > > > > to clean up this. > > > > Here I'm a little confused about when devm_kfree() should be used. > > Over all it should be used whenever memory is allocated for the lifetime > of the device. > > > Code in btt_init() implies that resources allocated by devm_* could be > > auto freed in both error and success paths of probe/attach (e.g., btt > > allocated by devm_kzalloc is never freed by devm_kfree). > > Using devm_kfree() in free_arenas() is ok for me, but I want to know > > whether not using devm_kfree() constitutes a bug. > > Unfortunately I'm not familiar enough with this code to know for sure. > > After my quick checks before I thought it was. But each time I look at it > I get confused. This is why I was thinking maybe not using devm_*() and > using no_free_ptr() may be a better solution to make sure things don't > leak without changing the success path (which is likely working fine > because no bugs have been found.) We have the same confusion here... I find a discussion about this problem, which implies that not using devm_kfree() may delay the release, but the memory will be freed later and no memory is leaked: https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2009561.html > > > > > We might want to look at using no_free_ptr() in this code. See this > > > patch[1] for an example of how to inhibit the cleanup and pass the > > > pointer on when the function succeeds. > > > > > > [1] > > > https://lore.kernel.org/all/170261791914.1714654.6447680285357545638.st...@dwillia2-xfh.jf.intel.com/ > > > > > > Ira > > > > Thanks for this example. But it seems that no_free_ptr() is used to > > handle the scope based resource management. Changes in this patch does > > not introduce this feature. Do I understand this correctly? > > You do understand but I was thinking that perhaps using no_free_ptr() > rather than devm_*() might be an easier way to fix this bug without trying > to decode the lifetime of everything. > My concern is that no_free_ptr() may not be able to completely fix all memleaks because some of them are triggered in (part of) success paths (e.g., when btt_freelist_init succeeds but btt_rtt_init fails, discover_arenas still needs to clean up the memory allocated in btt_freelist_init). I checked the design of no_free_ptr(), and it seems that it will generate a new pointer on success and the memory still leaks in the above case. Therefore, I think using devm_*() is still the best solution for this bug. Regards, Dinghao