From: "Daniel P. Berrange" <berrange@redhat.com>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: Kevin Wolf <kwolf@redhat.com>, David Turner <digit@google.com>,
qemu-devel@nongnu.org,
Jean-Christophe Dubois <jcd@tribudubois.net>,
Paul Brook <paul@codesourcery.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: Re: [Qemu-devel] [PATCH] use qemu_malloc and friends consistently
Date: Tue, 2 Jun 2009 09:58:03 +0100 [thread overview]
Message-ID: <20090602085803.GB26814@redhat.com> (raw)
In-Reply-To: <4A24D92D.4010704@codemonkey.ws>
On Tue, Jun 02, 2009 at 02:47:57AM -0500, Anthony Liguori wrote:
> Gerd Hoffmann wrote:
> > On 05/29/09 23:12, David Turner wrote:
> >> I would even suggest providing helper macros to make the programmer's
> >> intent
> >> even more clear
> >> and less error-prone, as in:
> >>
> >> #define QEMU_NEW(ptr) (ptr) =
> >> qemu_alloc(sizeof(*(ptr)))
> >> #define QEMU_NEW_ARRAY(ptr,cnt) (ptr) =
> >> qemu_calloc((cnt),sizeof(*(ptr)))
> >> #define QEMU_RENEW_ARRAY(ptr,cnt) (ptr) =
> >> qemu_realloc((ptr),(cnt),sizeof(*(ptr)))
> >> #define QEMU_FREE_ARRAY(ptr) qemu_free(ptr)
> >
> > The idea to have allocators for arrays (and have them allow
> > zero-length arrays) is fine. I wouldn't create two macros for new and
> > renew array, you can just use usual realloc semantics (ptr == NULL ->
> > alloc).
> >
> > Also I don't like the syntax that much as you'll have the IMHO
> > non-intuitive code like this:
> >
> > QEMU_NEW_ARRAY(ptr, ...);
> >
> > instead of
> >
> > ptr = QEMU_NEW_ARRAY(...);
> >
> > then. I don't see another easy way to get the automagic sizeof(*ptr)
> > stuff done though.
>
> I've always liked glib's memory functions. It does OOM error handling
> and returns NULL when size == 0.
If you look at the problems associated with malloc there are many common
programmer mistakes, of which failure to check for NULL is just one.
IMHO, if you're going to wrap malloc/calloc/etc, then you should aim
higher and try to address all the common problems. David's suggestion
helps address the problem incorrect sizing too, of which there was an
example on this list only last week with VncState/VncDisplasy mixup.
Other problems including forgetting to initialize memory, which can be
solved by using calloc for everything (though in QEMU's case this may
have too much overhead). Double free is another which can be protected
against by having the free function also NULL-ify the pointer being
freed.
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
next prev parent reply other threads:[~2009-06-02 9:00 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-29 5:58 [Qemu-devel] [PATCH] use qemu_malloc and friends consistently Jean-Christophe Dubois
2009-05-29 8:42 ` Kevin Wolf
2009-05-29 9:05 ` Anthony Liguori
2009-05-29 9:51 ` malc
2009-05-29 10:05 ` Kevin Wolf
2009-05-29 10:23 ` malc
2009-05-29 10:34 ` Kevin Wolf
2009-05-29 10:40 ` malc
2009-05-29 10:49 ` Kevin Wolf
2009-05-29 10:56 ` Anthony Liguori
2009-05-29 11:06 ` malc
2009-05-29 11:14 ` Kevin Wolf
2009-05-29 10:53 ` Anthony Liguori
2009-05-29 11:24 ` malc
2009-05-29 12:36 ` Gerd Hoffmann
2009-05-29 13:07 ` Paul Brook
2009-05-29 13:46 ` Gerd Hoffmann
2009-05-29 13:59 ` Glauber Costa
2009-05-29 14:34 ` Anthony Liguori
2009-05-29 15:06 ` malc
2009-05-29 17:17 ` Julian Seward
2009-05-29 18:41 ` Gerd Hoffmann
2009-05-29 21:12 ` David Turner
2009-05-29 21:13 ` David Turner
2009-06-02 7:26 ` Gerd Hoffmann
2009-06-02 7:47 ` Anthony Liguori
2009-06-02 8:58 ` Daniel P. Berrange [this message]
2009-06-02 18:03 ` David Turner
2009-06-02 8:48 ` Avi Kivity
2009-06-02 18:02 ` David Turner
2009-06-02 18:13 ` Paul Brook
2009-06-02 19:49 ` David Turner
2009-06-02 20:04 ` Paul Brook
2009-06-02 20:42 ` David Turner
2009-06-02 20:45 ` Gerd Hoffmann
2009-06-02 20:48 ` Gerd Hoffmann
2009-06-02 20:58 ` Paul Brook
2009-06-02 21:19 ` David Turner
2009-06-02 19:03 ` Avi Kivity
2009-05-29 12:51 ` Markus Armbruster
2009-05-29 10:57 ` Gerd Hoffmann
2009-05-29 11:28 ` malc
2009-05-29 9:28 ` jcd
2009-05-29 9:38 ` Kevin Wolf
2009-06-01 11:59 ` Jamie Lokier
[not found] <18212122.68761243590277678.JavaMail.root@srv-05.w4a.fr>
2009-05-29 10:00 ` jcd
2009-05-29 10:10 ` Kevin Wolf
[not found] <2171027.69001243598252547.JavaMail.root@srv-05.w4a.fr>
2009-05-29 12:00 ` jcd
2009-05-29 12:05 ` Kevin Wolf
2009-05-29 12:13 ` jcd
2009-05-29 12:32 ` Markus Armbruster
2009-05-29 12:38 ` jcd
[not found] <28932640.69341243603994530.JavaMail.root@srv-05.w4a.fr>
2009-05-29 13:35 ` jcd
[not found] <28912134.69441243608238156.JavaMail.root@srv-05.w4a.fr>
2009-05-29 14:46 ` jcd
[not found] <33383337.69831243610071896.JavaMail.root@srv-05.w4a.fr>
2009-05-29 15:15 ` jcd
[not found] <1758936.71791243858884274.JavaMail.root@srv-05.w4a.fr>
2009-06-01 12:24 ` jcd
2009-06-01 23:46 ` Jamie Lokier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090602085803.GB26814@redhat.com \
--to=berrange@redhat.com \
--cc=anthony@codemonkey.ws \
--cc=digit@google.com \
--cc=jcd@tribudubois.net \
--cc=kraxel@redhat.com \
--cc=kwolf@redhat.com \
--cc=paul@codesourcery.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).