Al Viro @ 2025-10-05 22:30 +01: > On Sun, Oct 05, 2025 at 07:41:47PM +0200, Miquel Sabaté Solà wrote: >> Al Viro @ 2025-10-05 10:01 +01: >> >> > On Sun, Oct 05, 2025 at 07:37:50AM +0200, Miquel Sabaté Solà wrote: >> >> Al Viro @ 2025-10-04 22:19 +01: >> >> >> >> > On Sat, Oct 04, 2025 at 11:03:40PM +0200, Miquel Sabaté Solà wrote: >> >> >> This is a small cleanup in which by using the __free(kfree) cleanup >> >> >> attribute we can avoid three labels to go to, and the code turns to be >> >> >> more concise and easier to follow. >> >> > >> >> > Have you tried to build and boot that? >> >> >> >> Yes, and it worked on my machine... >> > >> > Unfortunately, it ends up calling that kfree() on success as well as on failure. >> > Idiomatic way to avoid that would be >> > return no_free_ptr(fdt); >> > but you've left bare >> > return fdt; >> > in there, ending up with returning dangling pointers to the caller. So as >> > soon as you get more than BITS_PER_LONG descriptors used by a process, >> > you'll get trouble. In particular, bash(1) running as an interactive shell >> > would hit that - it has descriptor 255 opened... >> >> Ugh, this is just silly from my end... >> >> You are absolutely right. I don't know what the hell I was doing while >> testing that prevented me from realizing this before, but as you say >> it's quite obvious and I was just blind or something. >> >> Sorry for the noise and thanks for your patience... > > FWIW, the real low-level destructor (__free_fdtable()) *does* cope with ->fd > or ->open_fds left NULL, so theoretically we could replace kmalloc with > kzalloc in alloc_fdtable(), add use that thing via DEFINE_FREE()/__free(...); > I'm not sure if it's a good idea, though - at the very least, that property > of destructor would have to be spelled out with explanations, both in > __free_fdtable() and in alloc_fdtable(). > > Matter of taste, but IMO it's not worth bothering with - figuring out why > the damn thing is correct would take at least as much time and attention > from readers as the current variant does. Agreed. > > BTW, there's a chance to kill struct fdtable off - a project that got stalled > about a year ago (see https://lore.kernel.org/all/20240806010217.GL5334@ZenIV/ > and subthread from there on for details) that just might end up eliminating > that double indirect. I'm not saying that it's a reason not to do cleanups in > what exists right now, just a tangentially related thing that might be interesting > to resurrect... That looks interesting indeed, I'll take a look at this topic whenever I have some spare time. Thanks! Miquel