talloc_tos()
Jeremy Allison
jra at samba.org
Fri Jun 15 15:44:16 UTC 2018
On Fri, Jun 15, 2018 at 02:43:32PM +0200, David Disseldorp via samba-technical wrote:
> On Fri, 15 Jun 2018 14:29:58 +0200, Volker Lendecke wrote:
>
> > > In talloc we already have a very nice hierarchical allocator which,
> > > alongside the stack, is perfectly capable of providing short lived
> > > memory allocations.
> >
> > How do we make sure we don't leak this memory, short of the clear
> > convention using talloc_tos()?
>
> A convention of using talloc_tos() does not guarantee that we don't
> leak memory. Just like long running async state contexts, talloc
> stackframes can also be neglected. As mentioned in the other mail, my
> preference would be to proceed with integration of valgrind memcheck,
> massif and talloc_report into regular CI.
I respect your opinion, but talloc_tos() was created to fix
specific errors that commonly crept into the code whilst
we were trying to do *precisely* what you're recommending :-).
In short, been there - tried that, it's not possible with
flawed humans to have the discipline needed to take care
of the talloc contexts correctly. I remember debugging these
problems, it was not fun.
Does talloc_tos() fix all that ? No, flawed humans screw
that up too. But I've used both mechanisms, and we have
*much* less bugs with talloc_tos().
tl;dr - talloc_tos() misuse crashes are much preferable to
long-lived memory leaks by trying to always use the correct
talloc context.
My 2cents.
Jeremy.
More information about the samba-technical
mailing list