Jeremy Allison jra at samba.org
Fri Jun 15 15:44:16 UTC 2018

On Fri, Jun 15, 2018 at 02:43:32PM +0200, David Disseldorp via samba-technical wrote:
> On Fri, 15 Jun 2018 14:29:58 +0200, Volker Lendecke wrote:
> > > In talloc we already have a very nice hierarchical allocator which,
> > > alongside the stack, is perfectly capable of providing short lived
> > > memory allocations.  
> > 
> > How do we make sure we don't leak this memory, short of the clear
> > convention using talloc_tos()?
> A convention of using talloc_tos() does not guarantee that we don't
> leak memory. Just like long running async state contexts, talloc
> stackframes can also be neglected. As mentioned in the other mail, my
> preference would be to proceed with integration of valgrind memcheck,
> massif and talloc_report into regular CI.

I respect your opinion, but talloc_tos() was created to fix
specific errors that commonly crept into the code whilst
we were trying to do *precisely* what you're recommending :-).

In short, been there - tried that, it's not possible with
flawed humans to have the discipline needed to take care
of the talloc contexts correctly. I remember debugging these
problems, it was not fun.

Does talloc_tos() fix all that ? No, flawed humans screw
that up too. But I've used both mechanisms, and we have
*much* less bugs with talloc_tos().

tl;dr - talloc_tos() misuse crashes are much preferable to
long-lived memory leaks by trying to always use the correct
talloc context.

My 2cents.


More information about the samba-technical mailing list