| Message ID | 20231013085722.3031537-1-michal.wilczynski@intel.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:2908:b0:403:3b70:6f57 with SMTP id
ib8csp1751358vqb;
Fri, 13 Oct 2023 01:58:10 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IEqvZC5KxrNcIpyTKU6qSLjwiA2UCGUliYG5kjbYjTZInHjOmL9mQLS6ajh9zGVdLfBR2NX
X-Received: by 2002:a17:90b:4b04:b0:27d:1593:2b08 with SMTP id
lx4-20020a17090b4b0400b0027d15932b08mr5529029pjb.0.1697187490457;
Fri, 13 Oct 2023 01:58:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1697187490; cv=none;
d=google.com; s=arc-20160816;
b=ldLPbIR4JXxnS8PEnYXYD+y4YrAlRTdFt/AMBdOYFDCMshyOUmO5pdq9/lx2CaiY+t
bIak8tl/9UnGxxfZyrLB2kFz1xabnpDQ4J+tmBuQPkEChzUnNa9ulLTyOWNPApgqXu3L
Vkh4xsTJIIA6F/6nGujmXV/sPLS+2CSuiTn7f8ylKgKU2W3E4/WOufJlmfFhoeb7LVPc
WCad6erM5Tj31SDsrefNIiwgigapBknWuE8xGIuAygrwXn/L+ugULwrKjC78/pI3Qshn
1fYnEyjitSIvuF2BzKdC09Nd0O/HgK7q7CShJdRfi86gvVDWCbbNpylGf0pivjsK5itM
jPvQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=MG2PDKZgtwn9tI+mReMH4pOSSczrxkXZSYC4fnMYM5c=;
fh=oJx2KX6S9LL6lDqlYpYTLQ7S0UoxYChHjrY5DF8+ajk=;
b=nJf2JSH9YdgW2wUxFCq1I8jR4Jgc6sIXgER/gYgOcmQzNTntW4Fe/kk45MjUnHuiBQ
DStbasXQ8wimsJq7Ca8Szz62hV/HJY6BmUp1k3oT4Q9HNhtGrG1r2ULG22o07CCtC4jC
sAll7lOebYCz1EMRR8pDYAlomK0dHdMJVOqtjS+5Smy/AVH4DKXgED2BsIp4onjF+RDW
Jj/RIn3escj1XR7Yvh0DYyIsxVYH8JyYNzpT+r0cTJtowEd3Te5AWeto/oSwGIhDYYae
rEpk4w2AO0pvF0jck+qyc9T66ChdqbjNFD5efHoTcv58Jed28I5dJ7KuuZ8nhlCHKnsc
NJUQ==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b="QA/UUN8S";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.34 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from howler.vger.email (howler.vger.email. [23.128.96.34])
by mx.google.com with ESMTPS id
g14-20020a17090a67ce00b00277507e8085si4216929pjm.55.2023.10.13.01.58.10
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 13 Oct 2023 01:58:10 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.34 as permitted sender) client-ip=23.128.96.34;
Authentication-Results: mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b="QA/UUN8S";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.34 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by howler.vger.email (Postfix) with ESMTP id 4E58A82C5172;
Fri, 13 Oct 2023 01:58:08 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230258AbjJMI5r (ORCPT <rfc822;rua109.linux@gmail.com>
+ 19 others); Fri, 13 Oct 2023 04:57:47 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53820 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S230193AbjJMI5p (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Fri, 13 Oct 2023 04:57:45 -0400
Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.151])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BCE25B8;
Fri, 13 Oct 2023 01:57:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
t=1697187464; x=1728723464;
h=from:to:cc:subject:date:message-id:mime-version:
content-transfer-encoding;
bh=h5m5ctsCvAex9DpLpCjOPM49S/+k402kl9JdKLI4A4U=;
b=QA/UUN8S5wYH08BJHW7psYmhtmWTTFNVg3SjGdVRFyct1H2lVh22yl9Y
jUvfAsbhdfizBYxZ8pnETztC1vVX9hk1GCvNBau+6PeIsn5FD7EVxvGax
j1z+JUuPD8m6OW33CfYFlVGTiBq/vhqeiDoJhqKUMQlVE9OIVvQ8cRPlP
/CVJaHP4MFWJBquYfDFcR4XqE9PV58yqrx99n0gx2891VOtIYmDvZcK9G
xKWDTBc4x3e6TptaKGefrm9TQPCQFB6ct9+QdMEze+Atckc5M2L3a65E3
WZ6+zABeSq4kY9a5EtJVYB9P8C3gCycywxTerChiq5IbUesP19n+VKIxS
g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10861"; a="365397256"
X-IronPort-AV: E=Sophos;i="6.03,221,1694761200";
d="scan'208";a="365397256"
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
13 Oct 2023 01:57:44 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10861"; a="1086060791"
X-IronPort-AV: E=Sophos;i="6.03,221,1694761200";
d="scan'208";a="1086060791"
Received: from powerlab.fi.intel.com ([10.237.71.25])
by fmsmga005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
13 Oct 2023 01:57:41 -0700
From: Michal Wilczynski <michal.wilczynski@intel.com>
To: nvdimm@lists.linux.dev, linux-acpi@vger.kernel.org,
dan.j.williams@intel.com
Cc: rafael@kernel.org, vishal.l.verma@intel.com, lenb@kernel.org,
dave.jiang@intel.com, ira.weiny@intel.com,
linux-kernel@vger.kernel.org,
Michal Wilczynski <michal.wilczynski@intel.com>,
Andy Shevchenko <andy.shevchenko@gmail.com>
Subject: [PATCH v2] ACPI: NFIT: Fix local use of devm_*()
Date: Fri, 13 Oct 2023 11:57:22 +0300
Message-ID: <20231013085722.3031537-1-michal.wilczynski@intel.com>
X-Mailer: git-send-email 2.41.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]);
Fri, 13 Oct 2023 01:58:08 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1779630070054165350
X-GMAIL-MSGID: 1779630070054165350
|
| Series |
[v2] ACPI: NFIT: Fix local use of devm_*()
|
|
Commit Message
Wilczynski, Michal
Oct. 13, 2023, 8:57 a.m. UTC
devm_*() family of functions purpose is managing memory attached to a device. So in general it should only be used for allocations that should last for the whole lifecycle of the device. This is not the case for acpi_nfit_init_interleave_set(). There are two allocations that are only used locally in this function. Fix this by switching from devm_kcalloc() to kcalloc(), and adding modern scope based rollback. This is similar to C++ RAII and is preferred way for handling local memory allocations. Reported-by: Andy Shevchenko <andy.shevchenko@gmail.com> Suggested-by: Dave Jiang <dave.jiang@intel.com> Suggested-by: Andy Shevchenko <andy.shevchenko@gmail.com> Reviewed-by: Dave Jiang <dave.jiang@intel.com> Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com> Signed-off-by: Michal Wilczynski <michal.wilczynski@intel.com> --- v2: - removed first commit from the patchset, as the commit couldn't be marked as a fix - squashed those commits together, since the second one were mostly overwriting the previous one drivers/acpi/nfit/core.c | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-)
Comments
Michal Wilczynski wrote: > devm_*() family of functions purpose is managing memory attached to a > device. So in general it should only be used for allocations that should > last for the whole lifecycle of the device. No, this assertion is not accurate, if it were strictly true then devm_kfree() should be deleted. This patch is only a cleanup to switch the automatic cleanup pattern from devm to the new cleanup.h helpers. I am all for modernizing code over time, but patches that make assertions of "memory leaks" and "incorrect API usage" in code that has been untouched for almost a decade demand more scrutiny than what transpired here.
On 10/13/2023 6:38 PM, Dan Williams wrote: > Michal Wilczynski wrote: >> devm_*() family of functions purpose is managing memory attached to a >> device. So in general it should only be used for allocations that should >> last for the whole lifecycle of the device. > No, this assertion is not accurate, if it were strictly true then > devm_kfree() should be deleted. This patch is only a cleanup to switch > the automatic cleanup pattern from devm to the new cleanup.h helpers. The memory in question is only used locally in a function, so there is no reason to use devm_*() family of functions. I think devm_kfree() is more for special cases where the memory is meant to be used for the whole lifecycle of device, but some special case occurs and it's not and it needs to be freed. This is an incorrect API usage. Would you propose to change all memory allocations currently being done to devm_*() family simply because devm_kfree() exists ? Why introduce extra overhead if you don't have to ? > > I am all for modernizing code over time, but patches that make > assertions of "memory leaks" and "incorrect API usage" in code that has > been untouched for almost a decade demand more scrutiny than what > transpired here. I understand that it's not necessarily a big problem, and the code works perfectly, I can change the phrasing if you don't like it, but still the cleanup.h helpers don't really care that much what functions they call to allocate/free. They are meant to care about the scope - like constructor destructor in C++ - you can call anything there. So this commit changes 2 things: - change family of function to allocate from devm_kcalloc() to kcalloc() - use scope based mechanism to call those functions Thanks a lot for your review ! Michał
Wilczynski, Michal wrote: > On 10/13/2023 6:38 PM, Dan Williams wrote: > > Michal Wilczynski wrote: > >> devm_*() family of functions purpose is managing memory attached to a > >> device. So in general it should only be used for allocations that should > >> last for the whole lifecycle of the device. > > No, this assertion is not accurate, if it were strictly true then > > devm_kfree() should be deleted. This patch is only a cleanup to switch > > the automatic cleanup pattern from devm to the new cleanup.h helpers. > > The memory in question is only used locally in a function, so there is no reason > to use devm_*() family of functions. I think devm_kfree() is more for special > cases where the memory is meant to be used for the whole lifecycle of device, > but some special case occurs and it's not and it needs to be freed. > > This is an incorrect API usage. Would you propose to change all memory > allocations currently being done to devm_*() family simply because devm_kfree() > exists ? Michal, please work with someone else to get these cleanups upstream, I am done with this thread.
On 10/13/2023 7:05 PM, Dan Williams wrote: > Wilczynski, Michal wrote: >> On 10/13/2023 6:38 PM, Dan Williams wrote: >>> Michal Wilczynski wrote: >>>> devm_*() family of functions purpose is managing memory attached to a >>>> device. So in general it should only be used for allocations that should >>>> last for the whole lifecycle of the device. >>> No, this assertion is not accurate, if it were strictly true then >>> devm_kfree() should be deleted. This patch is only a cleanup to switch >>> the automatic cleanup pattern from devm to the new cleanup.h helpers. >> The memory in question is only used locally in a function, so there is no reason >> to use devm_*() family of functions. I think devm_kfree() is more for special >> cases where the memory is meant to be used for the whole lifecycle of device, >> but some special case occurs and it's not and it needs to be freed. >> >> This is an incorrect API usage. Would you propose to change all memory >> allocations currently being done to devm_*() family simply because devm_kfree() >> exists ? > Michal, please work with someone else to get these cleanups upstream, I > am done with this thread. I'm really sorry if I offended you, I didn't mean to. Michał
Wilczynski, Michal wrote: > > > On 10/13/2023 7:05 PM, Dan Williams wrote: > > Wilczynski, Michal wrote: > >> On 10/13/2023 6:38 PM, Dan Williams wrote: > >>> Michal Wilczynski wrote: > >>>> devm_*() family of functions purpose is managing memory attached to a > >>>> device. So in general it should only be used for allocations that should > >>>> last for the whole lifecycle of the device. > >>> No, this assertion is not accurate, if it were strictly true then > >>> devm_kfree() should be deleted. This patch is only a cleanup to switch > >>> the automatic cleanup pattern from devm to the new cleanup.h helpers. > >> The memory in question is only used locally in a function, so there is no reason > >> to use devm_*() family of functions. I think devm_kfree() is more for special > >> cases where the memory is meant to be used for the whole lifecycle of device, > >> but some special case occurs and it's not and it needs to be freed. > >> > >> This is an incorrect API usage. Would you propose to change all memory > >> allocations currently being done to devm_*() family simply because devm_kfree() > >> exists ? > > Michal, please work with someone else to get these cleanups upstream, I > > am done with this thread. > > I'm really sorry if I offended you, I didn't mean to. Hey, it happens. I am not offended, just frustrated. Going forward, my advice for anyone doing advocacy for a patch set is to be clear about "what happens if upstream does not take this patch?". When you view it from that angle the patch changelog that would have received an immediate Reviewed-by with no additional comment from me is something along the lines of: "The new cleanup.h facilities that arrived in v6.5-rc1 can replace the the usage of devm semantics in acpi_nfit_init_interleave_set(). That routine appears to only be using devm to avoid goto statements. The new __free() annotation at variable declaration time can achieve the same effect more efficiently. There is no end user visible side effects of this patch, I was motivated to send this cleanup to practice using the new helpers." As Linus mentions, subtlety is difficult to convey in mailing list interactions, and you may not have picked up on it, but the frustration for me began with the claim of a memory leak that turned out to be false. That was the prompt to consider "what other claims should I be careful about now that the fundamental justification for touching this old code has gone away." So if you want to try again with the justification of the patch limited to a cleanup, we can move forward.
On Sat, Oct 14, 2023 at 12:20 AM Dan Williams <dan.j.williams@intel.com> wrote: > Wilczynski, Michal wrote: ... > "The new cleanup.h facilities that arrived in v6.5-rc1 can replace the > the usage of devm semantics in acpi_nfit_init_interleave_set(). That > routine appears to only be using devm to avoid goto statements. The new > __free() annotation at variable declaration time can achieve the same > effect more efficiently. > > There is no end user visible side effects of this patch, I was motivated > to send this cleanup to practice using the new helpers." The end-user side effect (educational and not run-time) is that: "One should really be careful about the scope of the devm_*() APIs and use of them just for the sake of the RAII replacement is not the best idea, while code is still working. Hence it gives a better example for whoever tries to use this code for educational purposes."
diff --git a/drivers/acpi/nfit/core.c b/drivers/acpi/nfit/core.c index 3826f49d481b..67a844a705c4 100644 --- a/drivers/acpi/nfit/core.c +++ b/drivers/acpi/nfit/core.c @@ -2257,26 +2257,23 @@ static int acpi_nfit_init_interleave_set(struct acpi_nfit_desc *acpi_desc, struct nd_region_desc *ndr_desc, struct acpi_nfit_system_address *spa) { + u16 nr = ndr_desc->num_mappings; + struct nfit_set_info2 *info2 __free(kfree) = + kcalloc(nr, sizeof(*info2), GFP_KERNEL); + struct nfit_set_info *info __free(kfree) = + kcalloc(nr, sizeof(*info), GFP_KERNEL); struct device *dev = acpi_desc->dev; struct nd_interleave_set *nd_set; - u16 nr = ndr_desc->num_mappings; - struct nfit_set_info2 *info2; - struct nfit_set_info *info; int i; + if (!info || !info2) + return -ENOMEM; + nd_set = devm_kzalloc(dev, sizeof(*nd_set), GFP_KERNEL); if (!nd_set) return -ENOMEM; import_guid(&nd_set->type_guid, spa->range_guid); - info = devm_kcalloc(dev, nr, sizeof(*info), GFP_KERNEL); - if (!info) - return -ENOMEM; - - info2 = devm_kcalloc(dev, nr, sizeof(*info2), GFP_KERNEL); - if (!info2) - return -ENOMEM; - for (i = 0; i < nr; i++) { struct nd_mapping_desc *mapping = &ndr_desc->mapping[i]; struct nvdimm *nvdimm = mapping->nvdimm; @@ -2337,8 +2334,6 @@ static int acpi_nfit_init_interleave_set(struct acpi_nfit_desc *acpi_desc, } ndr_desc->nd_set = nd_set; - devm_kfree(dev, info); - devm_kfree(dev, info2); return 0; }