Author: liptonbin (I still exist)
Board: C_and_CPP
Title: [Question] The concept of freeing allocated memory
Time: Fri Apr 21 11:02:55 2023
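I'd like to ask two questions, as follows.
Why does writing kfree(path) at the very end cause a crash, after path has been allocated? Is this way of writing it wrong?
Also, the code writes free_token = token and then kfree(free_token) at the end. Why use an extra pointer to do the free?
Thanks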
int test(struct device *dev, const char *p_i8_buf, size_t count)
{
    int i32_ret = 0;
    char *temp_buf, *token, *path;
    char *free_temp_buf, *free_token;
    unsigned long fun = 0;
    const char *delim = " ,";

    temp_buf = kzalloc(RAYDIUM_FW_BIN_PATH_LENGTH + 1, GFP_KERNEL);
    if (temp_buf == NULL)
    {
        return -ENOMEM;
    }
    token = kzalloc(RAYDIUM_FW_BIN_PATH_LENGTH + 1, GFP_KERNEL);
    if (token == NULL) {
        kfree(temp_buf);
        return -ENOMEM;
    }
    path = kzalloc(RAYDIUM_FW_BIN_PATH_LENGTH + 1, GFP_KERNEL);
    if (path == NULL) {
        kfree(temp_buf);
        kfree(token);
        return -ENOMEM;
    }
    free_token = token;
    free_temp_buf = temp_buf;
    strlcpy(temp_buf, p_i8_buf, count);
    token = strsep(&temp_buf, delim);
    if(token == NULL)
    {
        kfree(free_token);
        kfree(free_temp_buf);
        kfree(path);
        return -EINVAL;
    }
    i32_ret = kstrtoul(token, 16, &fun);
    if (i32_ret < 0) {
        kfree(free_token);
        kfree(free_temp_buf);
        kfree(path);
        return i32_ret;
    }
    path = strsep(&temp_buf, delim);//log path
    parse(dev, fun, path);
    kfree(free_token);
    kfree(free_temp_buf);
    //kfree(path); //will not crash <-----------------
    /* or */ kfree(path); //will crash<------------------------
    return count;
}
crash log:
[ 1316.983483] Unable to handle kernel paging request at virtual address 00005e00
[ 1316.990498] pgd = db59c000
[ 1316.993168] [00005e00] *pgd=00000000
[ 1316.996642] Internal error: Oops: 5 [#1] PREEMPT SMP ARM
[ 1317.001840] Modules linked in: drmboot(P) mali_kbase
[ 1317.006705] CPU: 3 PID: 1326 Comm: sh Tainted: P 3.10.0 #6612
[ 1317.013355] task: db702a00 ti: db728000 task.ti: db728000
[ 1317.018648] PC is at kmem_cache_alloc_trace+0x7c/0x1c0
[ 1317.023676] LR is at test+0x98/0x2fc
[ 1317.028707] pc : [<c0100620>] lr : [<c04b39a8>] psr: 20010013
[ 1317.028707] sp : db729eb0 ip : 00000000 fp : 00000101
[ 1317.039960] r10: 00000f53 r9 : 01328000 r8 : c04b39a8
2.
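What I usually see is style 3,
but a lot of the code I read that other people wrote uses style 1. Should it be changed to style 2 to be correct?
Is if(!handle) equivalent to if(handle==NULL)?
Thanks for your answers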
struct input_handle *handle;

(1)
    handle = kzalloc(sizeof(*handle), GFP_KERNEL);
    if (!handle)
        return -ENOMEM;
(2)
    handle = kzalloc(sizeof(*handle), GFP_KERNEL);
    if (!handle)
    {
        kfree(handle);
        return -ENOMEM;
    }
(3)
    handle = kzalloc(sizeof(*handle), GFP_KERNEL);
    if (handle == NULL)
    {
        return -ENOMEM;
    }
    kfree(handle);
-----
Sent from JPTT on my Asus ASUS_Z012DA.
--
※ Origin: PTT (ptt.cc), From: 1.200.98.254 (Taiwan)
※ Article URL: https://webptt.com/cn.aspx?n=bbs/C_and_CPP/M.1682046179.A.E43.html
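1F: [push] Schottky: The problem is on the strsep line; the path you kfree() is not the address that 04/21 13:24
2F:→ Schottky: kzalloc() originally returned 04/21 13:25
3F: [push] gusion: Your path got updated on the strsep line and now points to some 04/21 13:25
4F:→ gusion: position inside temp_buf, not the block originally returned by kzalloc, so the final kfree(path) 04/21 13:25
5F:→ Schottky: Also, please indent your code; I had to run it through indent before I could 04/21 13:25
6F:→ gusion: is what goes wrong. Also, without kfree(path), the originally allocated memory has 04/21 13:25
7F:→ gusion: no one to free it, so it will also leak memory 04/21 13:25
8F:→ Schottky: understand what you were writing 04/21 13:25
9F: [push] gusion: Also, for error handling I usually add a label at the end and use goto 04/21 13:28
10F:→ lycantrope: 2-(2) is probably shooting yourself in the foot with a gun, lol 04/21 17:48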
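
The advice in the replies above, as an added example that is not part of the original thread: a userspace model that allocates one buffer, advances a separate cursor through it, and frees the original pointer at a single goto label. Assumptions: calloc/free stand in for kzalloc/kfree, next_token is a local helper with strsep's contract, PATH_LEN and parse_cmd are hypothetical names, and a missing path is treated as an error; the copy is also bounded by the buffer size rather than by count.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define PATH_LEN 64   /* stand-in for RAYDIUM_FW_BIN_PATH_LENGTH (value assumed) */

/* Same contract as strsep(): cut *s at the first delimiter, advance *s past it. */
static char *next_token(char **s, const char *delim)
{
    char *tok = *s, *end;

    if (!tok)
        return NULL;
    end = strpbrk(tok, delim);
    if (end)
        *end++ = '\0';
    *s = end;
    return tok;
}

/* Returns 0 and fills *fun and path_out, or a negative errno. */
int parse_cmd(const char *in, size_t count, unsigned long *fun,
              char *path_out, size_t path_sz)
{
    char *buf, *cursor, *token, *path, *endp;
    int ret = -EINVAL;

    if (count > PATH_LEN)           /* bound the copy by the buffer size */
        return -EINVAL;
    buf = calloc(1, PATH_LEN + 1);  /* the only allocation: tokens live inside it */
    if (!buf)
        return -ENOMEM;
    memcpy(buf, in, count);
    cursor = buf;                   /* cursor moves; buf stays the pointer to free */
    token = next_token(&cursor, " ,");
    if (!token || !*token)
        goto out;
    *fun = strtoul(token, &endp, 16);
    if (*endp)                      /* trailing non-hex characters */
        goto out;
    path = next_token(&cursor, " ,");
    if (!path || strlen(path) >= path_sz)
        goto out;
    strcpy(path_out, path);         /* path points into buf: copy out, never free */
    ret = 0;
out:
    free(buf);                      /* single exit frees the address calloc returned */
    return ret;
}
```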