| Message ID | 163171199244.590070.6356174550728998874.stgit@devnote2 (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | bootconfig: Fixes to bootconfig memory management | expand |
On Wed, 15 Sep 2021 22:19:52 +0900 Masami Hiramatsu <mhiramat@kernel.org> wrote: > @@ -810,6 +811,8 @@ void __init xbc_destroy_all(void) > * In error cases, @emsg will be updated with an error message and > * @epos will be updated with the error position which is the byte offset > * of @buf. If the error is not a parser error, @epos will be -1. > + * Note that the @buf ownership is transferred, so it will be freed > + * in xbc_destroy_all(). > */ > int __init xbc_init(char *buf, const char **emsg, int *epos) > { I hate this "ownership transfer". Looking at the use case here: init/main.c: copy = memblock_alloc(size + 1, SMP_CACHE_BYTES); if (!copy) { pr_err("Failed to allocate memory for bootconfig\n"); return; } memcpy(copy, data, size); copy[size] = '\0'; ret = xbc_init(copy, &msg, &pos); if (ret < 0) { Instead of having xbc_init() return the node count on success, how about having it allocate the buffer to use and then return it? That is, move the: copy = memblock_alloc(size + 1, SMP_CACHE_BYTES); if (!copy) { pr_err("Failed to allocate memory for bootconfig\n"); return; } memcpy(copy, data, size); copy[size] = '\0'; into xbc_init(), and have data, and size be passed to it. Then, have it return the pointer of "copy" or NULL on error? This will keep the semantics of xbc_* owning the buffer that gets freed by the destroy. The xbc_init() could also do the pr_info() that prints the bytes and node count. There's no other reason to pass that node count to the caller, is there? -- Steve
On Wed, 15 Sep 2021 10:23:54 -0400 Steven Rostedt <rostedt@goodmis.org> wrote: > On Wed, 15 Sep 2021 22:19:52 +0900 > Masami Hiramatsu <mhiramat@kernel.org> wrote: > > > @@ -810,6 +811,8 @@ void __init xbc_destroy_all(void) > > * In error cases, @emsg will be updated with an error message and > > * @epos will be updated with the error position which is the byte offset > > * of @buf. If the error is not a parser error, @epos will be -1. > > + * Note that the @buf ownership is transferred, so it will be freed > > + * in xbc_destroy_all(). > > */ > > int __init xbc_init(char *buf, const char **emsg, int *epos) > > { > > I hate this "ownership transfer". Looking at the use case here: > > init/main.c: > > copy = memblock_alloc(size + 1, SMP_CACHE_BYTES); > if (!copy) { > pr_err("Failed to allocate memory for bootconfig\n"); > return; > } > > memcpy(copy, data, size); > copy[size] = '\0'; > > ret = xbc_init(copy, &msg, &pos); > if (ret < 0) { > > Instead of having xbc_init() return the node count on success, how about > having it allocate the buffer to use and then return it? > > That is, move the: > > copy = memblock_alloc(size + 1, SMP_CACHE_BYTES); > if (!copy) { > pr_err("Failed to allocate memory for bootconfig\n"); > return; > } > > memcpy(copy, data, size); > copy[size] = '\0'; > > into xbc_init(), and have data, and size be passed to it. > > Then, have it return the pointer of "copy" or NULL on error? Thanks for pointing it out, that is also good to me. Let me update it. > > This will keep the semantics of xbc_* owning the buffer that gets > freed by the destroy. > > The xbc_init() could also do the pr_info() that prints the bytes and > node count. There's no other reason to pass that node count to the > caller, is there? Ah, it is my policy that the error or information message is shown by caller (since caller can also ignore that, e.g. passing the testing data), not from the library code. I learned that from perf-probe and ftrace, sometimes the library code reused in unexpected way. So I decided to decouple the generating error message and showing it. Thank you, > > -- Steve
On Thu, 16 Sep 2021 09:05:03 +0900 Masami Hiramatsu <mhiramat@kernel.org> wrote: > Ah, it is my policy that the error or information message is shown > by caller (since caller can also ignore that, e.g. passing the > testing data), not from the library code. > I learned that from perf-probe and ftrace, sometimes the library > code reused in unexpected way. So I decided to decouple the > generating error message and showing it. OK, then we can just pass the number of nodes allocated via a pointer to an integer. Thanks! -- Steve
diff --git a/lib/bootconfig.c b/lib/bootconfig.c index 5ae248b29373..2ba7d945adc9 100644 --- a/lib/bootconfig.c +++ b/lib/bootconfig.c @@ -789,6 +789,7 @@ static int __init xbc_verify_tree(void) */ void __init xbc_destroy_all(void) { + memblock_free_ptr(xbc_data, xbc_data_size); xbc_data = NULL; xbc_data_size = 0; xbc_node_num = 0; @@ -810,6 +811,8 @@ void __init xbc_destroy_all(void) * In error cases, @emsg will be updated with an error message and * @epos will be updated with the error position which is the byte offset * of @buf. If the error is not a parser error, @epos will be -1. + * Note that the @buf ownership is transferred, so it will be freed + * in xbc_destroy_all(). */ int __init xbc_init(char *buf, const char **emsg, int *epos) {
Free xbc_data memory in xbc_destroy_all() with other data. Note that this changes the ownership of the passed bootconfig data. Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> --- lib/bootconfig.c | 3 +++ 1 file changed, 3 insertions(+)