From: Al Viro <viro@ftp.linux.org.uk>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: torvalds@linux-foundation.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, akpm@linux-foundation.org
Subject: Re: [RFC PATCH] type safe allocator
Date: Thu, 2 Aug 2007 13:05:15 +0100 [thread overview]
Message-ID: <20070802120515.GL21089@ftp.linux.org.uk> (raw)
In-Reply-To: <E1IGV6D-0000rM-00@dorka.pomaz.szeredi.hu>
On Thu, Aug 02, 2007 at 09:27:57AM +0200, Miklos Szeredi wrote:
> > Quite frankly, I suspect you would be better off just instrumenting
> > "sparse" instead, and matching up the size of the allocation with the type
> > it gets assigned to.
>
> But that just can't be done, because kmalloc() doesn't tell us the
> _intent_ of the allocation.
Of course it can be done. When argument has form sizeof(...), attach
the information about target of pointer to the resulting void *; have
? : between pointer to object and that one warn if types do not match,
? : between void * and that one lose that information, ? : between
two such warn when types do not match. On assigment-type operations
(assignment, passing argument to function, initializer, return) when
the type of target is pointer to object (and not void *) warn if
types do not match. Have typeof lose that information.
Not even hard to implement; just let us finish cleaning the lazy examination
logics up first (~5-6 patches away).
FWIW, I object against the original proposal, no matter how you name it.
Reason: we are introducing more magical constructs that have to be known
to human reader in order to parse the damn code.
Folks, this is serious. _We_ might be used to having in effect a C dialect
with extensions implemented by preprocessor. That's fine, but for a fresh
reader it becomes a problem; sure, they can dig in include/linux/*.h and
to some extent they clearly have to. However, it doesn't come for free
and we really ought to keep that in mind - amount of local idioms (and
anything that doesn't look like a normal function call with normal arguments
_does_ become an idiom to be learnt before one can fluently RTFS) is a thing
to watch out for.
IOW, whenever we add to that pile we ought to look hard at whether it's worth
the trouble.
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@ftp.linux.org.uk>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: torvalds@linux-foundation.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, akpm@linux-foundation.org
Subject: Re: [RFC PATCH] type safe allocator
Date: Thu, 2 Aug 2007 13:05:15 +0100 [thread overview]
Message-ID: <20070802120515.GL21089@ftp.linux.org.uk> (raw)
In-Reply-To: <E1IGV6D-0000rM-00@dorka.pomaz.szeredi.hu>
On Thu, Aug 02, 2007 at 09:27:57AM +0200, Miklos Szeredi wrote:
> > Quite frankly, I suspect you would be better off just instrumenting
> > "sparse" instead, and matching up the size of the allocation with the type
> > it gets assigned to.
>
> But that just can't be done, because kmalloc() doesn't tell us the
> _intent_ of the allocation.
Of course it can be done. When argument has form sizeof(...), attach
the information about target of pointer to the resulting void *; have
? : between pointer to object and that one warn if types do not match,
? : between void * and that one lose that information, ? : between
two such warn when types do not match. On assigment-type operations
(assignment, passing argument to function, initializer, return) when
the type of target is pointer to object (and not void *) warn if
types do not match. Have typeof lose that information.
Not even hard to implement; just let us finish cleaning the lazy examination
logics up first (~5-6 patches away).
FWIW, I object against the original proposal, no matter how you name it.
Reason: we are introducing more magical constructs that have to be known
to human reader in order to parse the damn code.
Folks, this is serious. _We_ might be used to having in effect a C dialect
with extensions implemented by preprocessor. That's fine, but for a fresh
reader it becomes a problem; sure, they can dig in include/linux/*.h and
to some extent they clearly have to. However, it doesn't come for free
and we really ought to keep that in mind - amount of local idioms (and
anything that doesn't look like a normal function call with normal arguments
_does_ become an idiom to be learnt before one can fluently RTFS) is a thing
to watch out for.
IOW, whenever we add to that pile we ought to look hard at whether it's worth
the trouble.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2007-08-02 12:05 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-08-01 9:06 [RFC PATCH] type safe allocator Miklos Szeredi
2007-08-01 9:06 ` Miklos Szeredi
2007-08-01 9:29 ` Adrian Bunk
2007-08-01 9:29 ` Adrian Bunk
2007-08-01 9:41 ` Miklos Szeredi
2007-08-01 9:41 ` Miklos Szeredi
2007-08-01 10:44 ` Andi Kleen
2007-08-01 10:44 ` Andi Kleen
2007-08-01 9:57 ` Miklos Szeredi
2007-08-01 9:57 ` Miklos Szeredi
2007-08-01 11:34 ` Andi Kleen
2007-08-01 11:34 ` Andi Kleen
2007-08-01 10:45 ` Miklos Szeredi
2007-08-01 10:45 ` Miklos Szeredi
2007-08-01 11:44 ` Jan Engelhardt
2007-08-01 11:44 ` Jan Engelhardt
2007-08-01 11:56 ` Miklos Szeredi
2007-08-01 11:56 ` Miklos Szeredi
2007-08-02 3:56 ` Linus Torvalds
2007-08-02 3:56 ` Linus Torvalds
2007-08-02 7:27 ` Miklos Szeredi
2007-08-02 7:27 ` Miklos Szeredi
2007-08-02 12:05 ` Al Viro [this message]
2007-08-02 12:05 ` Al Viro
2007-08-02 13:05 ` Miklos Szeredi
2007-08-02 13:05 ` Miklos Szeredi
2007-08-02 17:23 ` Linus Torvalds
2007-08-02 17:23 ` Linus Torvalds
2007-08-02 5:33 ` Christoph Lameter
2007-08-02 5:33 ` Christoph Lameter
2007-08-02 7:38 ` Miklos Szeredi
2007-08-02 7:38 ` Miklos Szeredi
2007-08-02 19:16 ` Christoph Lameter
2007-08-02 19:16 ` Christoph Lameter
2007-08-02 7:37 ` Satyam Sharma
2007-08-02 7:37 ` Satyam Sharma
2007-08-02 7:40 ` Miklos Szeredi
2007-08-02 7:40 ` Miklos Szeredi
2007-08-02 11:31 ` [PATCH] " Miklos Szeredi
2007-08-02 11:31 ` Miklos Szeredi, Miklos Szeredi
2007-08-02 12:04 ` Alexey Dobriyan
2007-08-02 12:04 ` Alexey Dobriyan
2007-08-02 12:24 ` Jan Engelhardt
2007-08-02 12:24 ` Jan Engelhardt
2007-08-02 13:06 ` Miklos Szeredi
2007-08-02 13:06 ` Miklos Szeredi
2007-08-02 13:35 ` Jan Engelhardt
2007-08-02 13:35 ` Jan Engelhardt
2007-08-02 13:49 ` Miklos Szeredi
2007-08-02 13:49 ` Miklos Szeredi
2007-08-02 13:47 ` Peter Zijlstra
2007-08-02 13:47 ` Peter Zijlstra
2007-08-02 14:06 ` Bernd Petrovitsch
2007-08-02 14:06 ` Bernd Petrovitsch
2007-08-02 14:08 ` Jan Engelhardt
2007-08-02 14:08 ` Jan Engelhardt
2007-08-02 18:36 ` Andrew Morton
2007-08-02 18:36 ` Andrew Morton
2007-08-02 18:48 ` Miklos Szeredi
2007-08-02 18:48 ` Miklos Szeredi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070802120515.GL21089@ftp.linux.org.uk \
--to=viro@ftp.linux.org.uk \
--cc=akpm@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=miklos@szeredi.hu \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.