Al Viro @ 2025-10-05 10:01 +01:

> On Sun, Oct 05, 2025 at 07:37:50AM +0200, Miquel Sabaté Solà wrote:
>> Al Viro @ 2025-10-04 22:19 +01:
>>
>> > On Sat, Oct 04, 2025 at 11:03:40PM +0200, Miquel Sabaté Solà wrote:
>> >> This is a small cleanup in which by using the __free(kfree) cleanup
>> >> attribute we can avoid three labels to go to, and the code turns to be
>> >> more concise and easier to follow.
>> >
>> > Have you tried to build and boot that?
>>
>> Yes, and it worked on my machine...
>
> Unfortunately, it ends up calling that kfree() on success as well as on failure.
> Idiomatic way to avoid that would be
>     return no_free_ptr(fdt);
> but you've left bare
>     return fdt;
> in there, ending up with returning dangling pointers to the caller. So as
> soon as you get more than BITS_PER_LONG descriptors used by a process,
> you'll get trouble. In particular, bash(1) running as an interactive shell
> would hit that - it has descriptor 255 opened...

Ugh, this is just silly from my end...

You are absolutely right. I don't know what the hell I was doing while
testing that prevented me from realizing this before, but as you say it's
quite obvious and I was just blind or something.

Sorry for the noise and thanks for your patience...
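
The ownership bug described in the reply above, reproduced in user space as an added example (not code from this thread or from the kernel). `auto_free` and this `no_free_ptr` are stand-ins built on the GCC/Clang `cleanup` attribute, assumed to behave like the kernel's `__free(kfree)` and `no_free_ptr()`; `struct table` and the function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-ins (assumptions) for the kernel's __free(kfree) and no_free_ptr(). */
static int frees_seen;              /* non-NULL pointers released by the cleanup */
static void cleanup_free(void *pp)  /* receives the address of the variable */
{
    void *p = *(void **)pp;
    if (p) frees_seen++;
    free(p);
}
#define auto_free __attribute__((cleanup(cleanup_free)))
/* Hand the value out and NULL the variable so the cleanup becomes a no-op. */
#define no_free_ptr(p) ({ __typeof__(p) tmp_ = (p); (p) = NULL; tmp_; })

struct table { size_t max_fds; };   /* hypothetical, not struct fdtable */

/* Pattern criticised in the thread: bare return, cleanup fires on success too. */
static struct table *alloc_table_buggy(size_t n)
{
    struct table *t auto_free = malloc(sizeof(*t));
    if (!t) return NULL;
    t->max_fds = n;
    return t;                       /* freed at scope exit: caller gets a dangling pointer */
}

/* Fix suggested in the reply: transfer ownership on the success path. */
static struct table *alloc_table_fixed(size_t n)
{
    struct table *t auto_free = malloc(sizeof(*t));
    if (!t) return NULL;
    t->max_fds = n;
    return no_free_ptr(t);
}

/* Count cleanup frees during one call; never touches a pointer that was freed. */
static int frees_during(struct table *(*alloc)(size_t), size_t n)
{
    int before = frees_seen;
    struct table *t = alloc(n);
    int during = frees_seen - before;
    if (during == 0) free(t);       /* caller still owns it */
    return during;
}

int main(void)
{
    printf("buggy: %d, fixed: %d\n", frees_during(alloc_table_buggy, 256), frees_during(alloc_table_fixed, 256));
    return 0;
}
```

`frees_during()` reports one cleanup free for the bare `return t;` and none for the `no_free_ptr(t)` version.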