# HG changeset patch # User Bruno Haible # Date 1235263902 -3600 # Node ID 55b4123a6159609df24fa43fd1dd32266f809093 # Parent cdae812b8b5aa7c5f48f74938528c09401853d67 Cosmetic tweaks in the safe-alloc module. diff --git a/ChangeLog b/ChangeLog --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2009-02-21 Bruno Haible + + * doc/gnulib.texi: Include safe-alloc.texi earlier. + * doc/safe-alloc.texi: Terminate sentences with a period. Use two + spaces after a period. Put a space between a macro name and its + argument list. Trivial rewordings. + * lib/safe-alloc.c: Include safe-alloc.h right after config.h. + * tests/test-safe-alloc.c: Likewise. Include stdlib.h. + (main): Return 0 explicitly. + 2009-02-21 Bruno Haible Tests for module 'uninorm/filter'. diff --git a/doc/gnulib.texi b/doc/gnulib.texi --- a/doc/gnulib.texi +++ b/doc/gnulib.texi @@ -5814,6 +5814,7 @@ @menu * alloca:: * alloca-opt:: +* Safe Allocation Macros:: * String Functions in C Locale:: * Quoting:: * error and progname:: @@ -5824,7 +5825,6 @@ * func:: * warnings:: * manywarnings:: -* Safe Allocation Macros:: @end menu @node alloca @@ -5837,6 +5837,8 @@ @findex alloca @include alloca-opt.texi +@include safe-alloc.texi + @node String Functions in C Locale @section Character and String Functions in C Locale @@ -5915,8 +5917,6 @@ @include manywarnings.texi -@include safe-alloc.texi - @node GNU Free Documentation License @appendix GNU Free Documentation License diff --git a/doc/safe-alloc.texi b/doc/safe-alloc.texi --- a/doc/safe-alloc.texi +++ b/doc/safe-alloc.texi @@ -2,8 +2,8 @@ @section Safe Allocation Macros The standard C library malloc/realloc/calloc/free APIs are prone to a -number of common coding errors. The @code{safe-alloc} module provides -macros that make it easier to avoid many of them. It still uses the +number of common coding errors. The @code{safe-alloc} module provides +macros that make it easier to avoid many of them. It still uses the standard C allocation functions behind the scenes. Some of the memory allocation mistakes that are commonly made are @@ -11,72 +11,72 @@ @itemize @bullet @item passing the incorrect number of bytes to @code{malloc}, especially -when allocationg an array +when allocating an array, @item fail to check the return value of @code{malloc} and @code{realloc} for -errors +errors, @item -forget to fully initialize memory just allocated with @code{malloc} +forget to fully initialize memory just allocated with @code{malloc}, @item duplicate calls to @code{free} by forgetting to set the pointer -variable to @code{NULL} +variable to @code{NULL}, @item -leaking memory in calls to @code{realloc} when that call fails +leaking memory in calls to @code{realloc} when that call fails. @end itemize The @code{safe-alloc} module addresses these problems in the following way: @itemize @bullet @item -Define macros that wrap around the standard C allocation -functions. That makes it possible to use the compiler's knowledge of +It defines macros that wrap around the standard C allocation +functions. That makes it possible to use the compiler's knowledge of the size of objects for allocation; it also allows setting pointers -passed in as arguments when appropriate +passed in as arguments when appropriate. @item -Use return values only for a success/fail error condition flag, -and annotate them with GCC's @code{__warn_unused_result__} +It uses return values only for a success/failure error condition flag, +and annotates them with GCC's @code{__warn_unused_result__} attribute. @item -Use @code{calloc} in favor of @code{malloc} +It uses @code{calloc} instead of @code{malloc}. @end itemize @defmac {int} ALLOC (ptr) @findex ALLOC Allocate @code{sizeof(*ptr)} bytes of memory and store the address of -allocated memory in @code{ptr}. Fill the newly allocated memory with +allocated memory in @code{ptr}. Fill the newly allocated memory with zeros. Returns -1 on failure, 0 on success. @end defmac -@defmac {int} ALLOC_N(ptr, count) +@defmac {int} ALLOC_N (ptr, count) @findex ALLOC_N Allocate an array of @code{count} elements, each @code{sizeof(*ptr)} -bytes long and store the address of allocated memory in -@code{ptr}. Fill the newly allocated memory with zeros. +bytes long, and store the address of allocated memory in +@code{ptr}. Fill the newly allocated memory with zeros. Returns -1 on failure, 0 on success. @end defmac -@defmac {int} ALLOC_N_UNINITIALIZED(ptr, count) +@defmac {int} ALLOC_N_UNINITIALIZED (ptr, count) @findex ALLOC_N_UNINITIALIZED Allocate an array of @code{count} elements, each @code{sizeof(*ptr)} -bytes long and store the address of allocated memory in -@code{ptr}. The allocated memory is not initialized. +bytes long, and store the address of allocated memory in +@code{ptr}. The allocated memory is not initialized. Returns -1 on failure, 0 on success. @end defmac -@defmac {int} REALLOC_N(ptr, count) +@defmac {int} REALLOC_N (ptr, count) @findex REALLOC_N -Reallocate the memory pointedto by @code{ptr} to be big enough to hold -at least @code{count} elements, each @code{sizeof(*ptr)} bytes long -and store the address of allocated memory in @code{ptr}. If -reallocation fails, the @code{ptr} is not modified. +Reallocate the memory pointed to by @code{ptr} to be big enough to hold +at least @code{count} elements, each @code{sizeof(*ptr)} bytes long, +and store the address of allocated memory in @code{ptr}. If +reallocation fails, the @code{ptr} variable is not modified. Returns -1 on failure, 0 on success. @end defmac -@defmac {void} FREE(ptr) +@defmac {void} FREE (ptr) @findex FREE Free the memory stored in @code{ptr} and set @code{ptr} to @code{NULL}. diff --git a/lib/safe-alloc.c b/lib/safe-alloc.c --- a/lib/safe-alloc.c +++ b/lib/safe-alloc.c @@ -23,12 +23,13 @@ #include +/* Specification. */ +#include "safe-alloc.h" + #include #include #include -#include "safe-alloc.h" - /* Return 1 if an array of N objects, each of size S, cannot exist due to size arithmetic overflow. S must be positive and N must be diff --git a/lib/safe-alloc.h b/lib/safe-alloc.h --- a/lib/safe-alloc.h +++ b/lib/safe-alloc.h @@ -1,5 +1,5 @@ /* - * memory.c: safer memory allocation + * safe-alloc.h: safer memory allocation * * Copyright (C) 2009 Free Software Foundation, Inc. * @@ -108,7 +108,7 @@ # define FREE(ptr) \ do \ { \ - free(ptr); \ + free (ptr); \ (ptr) = NULL; \ } \ while(0) diff --git a/tests/test-safe-alloc.c b/tests/test-safe-alloc.c --- a/tests/test-safe-alloc.c +++ b/tests/test-safe-alloc.c @@ -22,9 +22,10 @@ #include -#include +#include "safe-alloc.h" -#include +#include +#include #define ASSERT(expr) \ do \ @@ -38,9 +39,11 @@ } \ while (0) -int main() +int +main () { - struct tst { + struct tst + { int a; int b; }; @@ -48,16 +51,18 @@ struct tst *p = NULL; int r; - r = ALLOC(p); - ASSERT(r >= 0); + r = ALLOC (p); + ASSERT (r >= 0); - ASSERT(p->a == 0 && p->b == 0); + ASSERT (p->a == 0 && p->b == 0); p->a = p->b = 42; - r = REALLOC_N(p, 5); + r = REALLOC_N (p, 5); - ASSERT(p[0].a == 42 && p[0].b == 42); + ASSERT (p[0].a == 42 && p[0].b == 42); - FREE(p); - ASSERT(p == NULL); + FREE (p); + ASSERT (p == NULL); + + return 0; }