this reworks memory allocation throughout the support library.
the old DO_ALLOC macro had several problems:
1) only by reading the macro implementation is it possible to tell
what actually occurs. consider:
DO_ALLOC(x, ...);
vs.:
x = do_alloc(...);
only in the latter is it clear that x is being assigned to.
2) it looks like a typical macro/function call, except it alters the
control flow, usually by return'ing or executing a goto in the
enclosing function. this type of anti-pattern is explicitly called out
in the linux kernel coding style.
3) in one instance, setting the destination pointer to NULL is
actually a *success* return. in parse_required_member(), when parsing
a PROTOBUF_C_TYPE_BYTES wire field, it is possible that the field is
present but of zero length, in which case memory shouldn't be
allocated and nothing should actually be copied. this is not apparent
from reading:
DO_ALLOC(bd->data, allocator, len - pref_len, return 0);
memcpy(bd->data, data + pref_len, len - pref_len);
instead, make this behavior explicit:
if (len - pref_len > 0) {
bd->data = do_alloc(allocator, len - pref_len);
if (bd->data == NULL)
return 0;
memcpy(bd->data, data + pref_len, len - pref_len);
}
this is much more readable and makes it possible to write a
replacement for DO_ALLOC which returns NULL on failures.
this changes the protobuf_c_default_allocator to contain only NULL
values; if a replacement function pointer is not present (non-NULL) in
this struct, the default malloc/free implementations are used. this
makes it impossible to call the default allocator functions directly and
represents an API/ABI break, which required a fix to the
PROTOBUF_C_BUFFER_SIMPLE_CLEAR macro.
despite turning one-line allocations in the simple case:
DO_ALLOC(rv, allocator, desc->sizeof_message, return NULL);
into three-line statements like:
rv = do_alloc(allocator, desc->sizeof_message);
if (!rv)
return (NULL);
this changeset actually *reduces* the total number of lines in the
support library.
in general, libraries shouldn't be responsible for terminating the
program if memory allocation fails. if we need to allocate memory and
can't, we should be returning a failure indicator, not providing a
strange interface to the user for receiving a callback in the event of
such an error.
also in general, libraries should never write to stdout or stderr.
this breaks the API/ABI and will require a note in the ChangeLog.
i'm confused as to why these fields exist, since the typical
implementation of a "temporary alloc" would be something like alloca(),
and alloca() is usually just inlined code that adjusts the stack
pointer, which is not a function whose address could be taken.
this breaks the API/ABI and will require a note in the ChangeLog.
possibly we could revisit the idea of "temporary allocations" by using
C99 variable length arrays. this would have the advantage of being
standardized, unlike alloca().
this should silence Coverity #1153648, which complains because
tmp.length_prefix_len is uninitialized for certain wire types when
copied on line 2486:
scanned_member_slabs[which_slab][in_slab_index++] = tmp;
dave's original style drives me crazy. reformat the C code in
protobuf-c/ with "indent -kr -i8" and manually reflow for readability.
try to fit most lines in 80 columns, but due to the lengthy type and
function names in protobuf-c, enforcing an 80 column rule would result
in a lot of cramped statements, so try to fit lines in up to 100 columns
if it would improve readability. (e.g., one <=100 column line is
probably better than 3-4 <=80 column lines.)
ultimately i'd like to adopt most of the recommendations in the linux
coding style: https://www.kernel.org/doc/Documentation/CodingStyle.
this commit gets us most of the kernel indentation and comment coding
style recommendations. later commits will tackle style recommendations
that require more intrusive changes: breaking up large functions,
replacing macros that affect control flow (e.g., DO_ALLOC). this will
hopefully facilitate review and make the code base easier to maintain.
i ran the old and new versions of protobuf-c.c through something like:
gcc -S -D__PRETTY_FUNCTION__=0 -D__FILE__=0 -D__LINE__=0 -Wall -O0 \
-o protobuf-c.S -c protobuf-c.c
and reviewed the diffs of the assembly output to spot any functions that
changed, and went back to make sure that any differences were
functionally equivalent.
of the same field on the wire (Fixes#91)
t/generated-code2/test-generated-code2.c: add a test case for merging
messages
t/test-full.proto: expand message definitions to test for merging nested
messages
