GNOME Bugzilla – Bug 743640
add __attribute__((cleanup)) support
Last modified: 2015-02-18 18:34:15 UTC
See patches.
Created attachment 295648 [details] [review] G_DECLARE_FINAL_TYPE: trivial fix in docs comment
Created attachment 295649 [details] [review] glib: add support for g_auto() and g_autoptr() Add support to the libglib types for the new cleanup macros.
Created attachment 295650 [details] [review] gobject: add support for g_auto() and g_autoptr() Add support to libgobject types for the new cleanup macros.
Created attachment 295651 [details] [review] G_DECLARE_*_TYPE: add auto cleanup support Automatically add support for the new cleanup macros to the type declaration macros. This is an API break because now your parent class needs to support cleanup if you want to use G_DECLARE_*_TYPE. These macros are only 1 day old, however, so that's probably not a big problem (and we are already busy adding the macros all over GLib and Gtk+).
Review of attachment 295649 [details] [review]: Missing git add? Also, what changed recently to add this to glib? You could at least reference earlier discussions (and other implementations) in the commit message rationale.
(In reply to comment #5) > Also, what changed recently to add this to glib? You could at least reference > earlier discussions (and other implementations) in the commit message > rationale. the patchset is mostly the result of a full day of discussions at the DX hackfest.
Review of attachment 295649 [details] [review]: What file is missing? It looks correct to me. There are a few reasons that I was finally convinced that this is a good idea: - lots of people asking for it - lots of people doing their own copy/paste version in various forms - finally figuring out a nice API for it
You forgot a whole patch. The one that defines G_DEFINE_AUTOPTR_CLEANUP_FUNC(), etc
Created attachment 295668 [details] [review] macros: add support for GNUC cleanup __attribute__ Add g_auto() and g_autoptr() as helpers for declaring variables with automatic cleanup. Add some macros to help types define cleanup funcs for themselves. Going forward it will be an expectation that people use this macro when creating a new type.
Silly me -- that last patch ought to go before the others, clearly...
(In reply to comment #7) > Review of attachment 295649 [details] [review]: > > What file is missing? It looks correct to me. > > There are a few reasons that I was finally convinced that this is a good idea Ok, that's what I'm asking for in the commit message. Or the bugzilla entry. Just cite previous work, how your patch set compares to them, how it improves on them, etc. How it avoids (or doesn't) any previous concerns. For example: https://mail.gnome.org/archives/gtk-devel-list/2011-November/msg00050.html https://wiki.gnome.org/Projects/LibGSystem
Review of attachment 295668 [details] [review]: ::: glib/gmacros.h @@ +395,3 @@ +#else /* not GNU C */ + +#define G_DEFINE_AUTOPTR_CLEANUP_FUNC(TypeName, func) That's going to be a recipe for memory leaks in everyone's code if they later port to Windows/MSVC. Just #error? Better, require clients to explicitly: #include <glib/gcleanup.h> or so? And #error out if they're not supported.
(In reply to comment #12) > Review of attachment 295668 [details] [review]: > That's going to be a recipe for memory leaks in everyone's code if they later > port to Windows/MSVC. > > Just #error? > > Better, require clients to explicitly: > > #include <glib/gcleanup.h> > > or so? And #error out if they're not supported. These are the macros that need to be used by various types to declare their own cleanup functions. We want people to always use those. The user-side macros are g_auto() and g_autoptr() and those are not defined at all on !GNUC. That will result in an error happening there if you try to use them.
I feel like you should require the user to -DG_REQUIRE_GCC or something like that, to make absolutely certain that they know they are requiring gcc support, and that they are OK with that. Although that won't save you from accidentally linking to a library that requires cleanup support, and only finding out later that that means you've given up on portability. Or in other words, what Colin said. Please explain why this isn't a bad idea, given that it was generally agreed before that it was.
(In reply to comment #14) > I feel like you should require the user to -DG_REQUIRE_GCC or something like > that, to make absolutely certain that they know they are requiring gcc support, > and that they are OK with that. Or maybe more like -DI_SWEAR_I_WONT_USE_MSVC ? There is only one problematic compiler here, right ?
Review of attachment 295668 [details] [review]: ::: glib/docs.c @@ +2394,3 @@ + * check_exists(GVariant *dict) + * { + * g_autoptr(GVariant) dirname; Not having to duplicate the type is very nice, and I have had bugs before where I've used `gs_free` on a GObject, etc. Normally caught by test cases pretty quickly though. My only concern here is that developer tools are not going be aware of the syntax. For example, Emacs no longer highlights this correctly. Which honestly is an OK tradeoff versus always correct unrefs and less typing.
(In reply to comment #14) > Although that won't save you from accidentally linking to a library that > requires cleanup support, and only finding out later that that means you've > given up on portability. That's a concern but I think (personally) not one that should block this. There's just no way around it. You, I, and many other people maintain code that uses GLib on Linux/gcc only. For example, there's also tracker. Authors of these projects should be able to make use of the cleanup macros, and that was my intent with libgsystem. I don't oppose migration to glib, see below: > Or in other words, what Colin said. Please explain why this isn't a bad idea, > given that it was generally agreed before that it was. To be clear I wasn't saying it was a bad idea, just that I'd have liked at least a little bit of an effort to describe the rationale behind the patches.
Created attachment 295732 [details] [review] Add support for g_autoptr()
Last patch is for Gtk+/Gdk. I'd like to say that this work i heavily inspired by using the code in libgsystem. The current code is not really related, or similar, but having used the libgsystem version is like crack-cocaine which made me approach ryan to try to get a version of this into glib so that we don't have to duplicate this in a lot of other modules.
Attachment 295649 [details] pushed as 6638346 - glib: add support for g_auto() and g_autoptr() Attachment 295650 [details] pushed as 3d5de34 - gobject: add support for g_auto() and g_autoptr() Attachment 295651 [details] pushed as 8ea414c - G_DECLARE_*_TYPE: add auto cleanup support Attachment 295668 [details] pushed as 2596919 - macros: add support for GNUC cleanup __attribute__ Pushed, along with an extra patch for GIO and some changes to avoid deprecation warnings.
Thanks, the new commit message in https://git.gnome.org/browse/glib/commit/?id=2596919c58a364243196e65a9adda693448139f7 makes me happy!
Hi, Just found out about this from GNOME Planet, just wanted to double check, whether not using these macros for libs are only supposed to be allowed in non-Windows software and libs, or is it going to be open to all? I am a bit worried about the leak issues on non-gcc, there are quite a bit of people using gcc-built GLib, etc in their projects (which uses msvc), or msvc ports of software show up for them later, for example? Please bear with my ignorance here, but just wanted to be clear about this on my part. With blessings, thank you.
the macros have been added only for code that is not meant to strictly be portable, unless portability also includes the toolchain used to compile it. the documentation explicitly notes this: * This feature is only supported on GCC and clang. This macro is not * defined on other compilers and should not be used in programs that * are intended to be portable to those compilers. if somebody is using this feature in code that is supposed to be compiled with other compilers, the missing symbol will generate an error. since GLib (and GTK+) support non-GCC compatible compilers, neither GLib nor GTK+ will use g_auto() and g_autoptr() internally. generally speaking, if a project starts with no support for non-GCC compatible compilers and uses these macros, any later effort to add support for non-GCC compatible compilers will also need to undo the use of g_auto() and g_autoptr().
To be even more clear: these macros will _not_ be used in GLib, Gtk+, or related libraries.
Hello Ryan.Emmanuele, Thanks for bearing with me by letting me know and the assurance here! With blessings, thank you!
Hi, Unfortunately the macros broke the build, as I am getting: error C4002: too many actual parameters for macro 'G_DEFINE_AUTO_CLEANUP_FREE_FUNC', and it seems that G_DEFINE_AUTO_CLEANUP_FREE_FUNC was declared as: #define G_DEFINE_AUTO_CLEANUP_FREE_FUNC(TypeName, func, none) [for GCC] #define G_DEFINE_AUTO_CLEANUP_FREE_FUNC(TypeName, func) [for non-GCC] Does 'none" have a special meaning under GCC, by any chance? I will try to come up with patches to address non-GCC builds. With blessings.
Created attachment 295912 [details] [review] gmacros.h: Fix G_DEFINE_AUTO* definitions for non-GCC Hi, As gtypes.h is using the G_DEFINE_AUTO macros to wrap the boilerplate code, the build breaks in its current form on non-GCC (specifically, doing a typedef to nothing and trying to declare functions with no name). In order to remedy for this, I thought: -Use another (private) wrapper macro to wrap the calls to declare cleanup typedefs and functions on GCC (which is defined as nothing on non-GCC. -Fix the declaration of G_DEFINE_AUTO_CLEANUP_FREE_FUNC on non-GCC using ... for the second argument (and possibly beyond). We can't just put a third argument there as it seems the third one is optional. This is my patch for this part. The updates for gtype.h will come in a bit. With blessings, thank you!
Created attachment 295913 [details] [review] gtype.h: Fix G_DECLARE_FINAL_TYPE and G_DECLARE_DERIVABLE_TYPE for !GCC Hi, This is the update to gtype.h fixing the build on non-GCC. Specifically, this uses the private wrapper macro in attachment 295912 [details] [review], to only define the items for the typedef and the function for cleanup on GCC. With blessings, thank you!
Review of attachment 295913 [details] [review]: This patch doesn't make sense. I'm pretty sure the problem is just the missing extra macro parameter?...
Created attachment 295919 [details] [review] fix G_DEFINE_AUTO_CLEANUP_FREE_FUNC on non-GCC Add the missing 'none' argument to this macro in the non-GCC case. The none parameter was added after the others and I forgot to update the non-GCC case.
Comment on attachment 295919 [details] [review] fix G_DEFINE_AUTO_CLEANUP_FREE_FUNC on non-GCC Attachment 295919 [details] pushed as 57a49f6 - fix G_DEFINE_AUTO_CLEANUP_FREE_FUNC on non-GCC
Created attachment 295920 [details] [review] gmacros.h: Fix G_DEFINE_AUTO* definitions for non-GCC Hello Ryan, Is the rest of attachment 295912 [details] [review]ok though? With blessings, thank you!
I pushed the gtk+ support patches to master. We probably want to do pango and atk too.
Comment on attachment 295912 [details] [review] gmacros.h: Fix G_DEFINE_AUTO* definitions for non-GCC I understand the problem now -- I missed this patch because it got marked as obsolete. This is clearly needed (and an oversight on my part). Maybe we can give it a more specific name, though, like _GLIB_DEFINE_AUTOPTR_CHAINUP or something like that.
(In reply to comment #33) > I pushed the gtk+ support patches to master. We probably want to do pango and > atk too. Typo in include file from https://git.gnome.org/browse/gtk+/diff/gdk/x11 /gdkx.h?id=a71ff332660a7d6c155eb04c92936c618ae80cf8, see http://build.gnome.org/continuous/buildmaster/builds/2015/02/02/20/build/log-totem.txt
(In reply to comment #35) > (In reply to comment #33) > > I pushed the gtk+ support patches to master. We probably want to do pango and > > atk too. > > Typo in include file from > https://git.gnome.org/browse/gtk+/diff/gdk/x11 > /gdkx.h?id=a71ff332660a7d6c155eb04c92936c618ae80cf8, see > http://build.gnome.org/continuous/buildmaster/builds/2015/02/02/20/build/log-totem.txt It looks to me that gdk/x11/gdkx-autocleanups.h wasn't included in gdk/x11/Makefile.am
Created attachment 295935 [details] [review] gtkx: add missing header The header file gdk/x11/gdkx-autocleanups.h is not installed, but it is required by gdkx.h
Created attachment 295936 [details] [review] gtkx: add missing header The header file gdk/x11/gdkx-autocleanups.h is not installed, but it is required by gdkx.h
(In reply to comment #38) > Created an attachment (id=295936) [details] [review] > gtkx: add missing header > > The header file gdk/x11/gdkx-autocleanups.h is not installed, but > it is required by gdkx.h Right, that fixed my local build, please push
Created attachment 295954 [details] [review] gmacros.h: Add Private Macro for use in gtype.h to conditionally define items for __attribute__((cleanup)) on GCC only Hello Ryan, (In reply to comment #34) > (From update of attachment 295912 [details] [review]) > I understand the problem now -- I missed this patch because it got marked as > obsolete. Oops, I mistakenly saw that it was 295912 that was rejected, so I made that obsolete as a result (though 295913 is necessary, as it appeared to you too). This is my updated patch with the suggested macro name change. With blessings, thank you!
Created attachment 295955 [details] [review] gtype.h: Fix G_DECLARE_FINAL_TYPE and G_DECLARE_DERIVABLE_TYPE definitions on non-GCC Hi, This is the patch needed for gtype.h for G_DECLARE_FINAL_TYPE and G_DECLARE_DERIVABLE_TYPE so that it uses the private macro in gmacros.h to only try to use items meant for __attribute__((cleanup)) on GCC only. With blessings, thank you!
Review of attachment 295954 [details] [review]: Looks good -- please push this with the trivial change suggested below. ::: glib/gmacros.h @@ +381,3 @@ #define _GLIB_AUTO_FUNC_NAME(TypeName) glib_auto_cleanup_##TypeName #define _GLIB_CLEANUP(func) __attribute__((cleanup(func))) +#define _GLIB_DEFINE_AUTOPTR_CHAINUP(ModuleObjName,ParentName) \ you're missing a space in the argument list @@ +406,2 @@ #else /* not GNU C */ +/* this (dummy) macro is private */ thanks for the comments here
Review of attachment 295955 [details] [review]: ::: gobject/gtype.h @@ +1392,3 @@ typedef struct { ParentName##Class parent_class; } ModuleObjName##Class; \ \ + _GLIB_DEFINE_AUTOPTR_CHAINUP (GListStore, GObject); \ This is not correct. You should not be hardcoding GListStore and GObject here....
Review of attachment 295954 [details] [review]: Hello Ryan, Thanks for the review, the patch (with the change suggested) was pushed as 696db756. With blessings, thank you!
Created attachment 296006 [details] [review] gtype.h: Fix G_DECLARE_FINAL_TYPE and G_DECLARE_DERIVABLE_TYPE definitions on non-GCC (after fixing a pretty obvious mistake) Hello Ryan, (In reply to comment #43) > This is not correct. You should not be hardcoding GListStore and GObject > here.... Doh! I made the patch in a rush for this and did something seriously bad like this. Sorry about this. Here comes the new patch for this that should now be correct. With blessings, thank you!
Review of attachment 296006 [details] [review]: Please commit with the changes below. ::: gobject/gtype.h @@ +1392,3 @@ typedef struct { ParentName##Class parent_class; } ModuleObjName##Class; \ \ + _GLIB_DEFINE_AUTOPTR_CHAINUP (ModuleObjName, ParentName); \ The extra semicolon will cause problems here. Please remove it. @@ +1482,3 @@ struct _##ModuleObjName { ParentName parent_instance; }; \ \ + _GLIB_DEFINE_AUTOPTR_CHAINUP (ModuleObjName, ParentName); \ ditto
Review of attachment 296006 [details] [review]: Hello Ryan, Thanks for the review, the patch was pushed as 6161b285, with the changes you mentioned. With blessings, thank you!
Ok, three issues I've hit trying to use this in practice, which make want to argue for "generic" variants of this: First, I don't understand the rationale behind _CHAINUP. - You always use g_object_unref to clean up any GObject; no object should have its own special cleanup - You get a static inline for each step in the inheritance hierarchy that merely calls its parent. Granted, optimized builds should squash all of that into one call to g_object_unref()...but it's just unnecessary. - Most importantly, it makes it hard for me to backport this because I would have to define chainups for all my parent classes. Why not just have g_autoobj() ? Second, I use multiple types that are just free() able. Having to define a free function for e.g. "guint8*" is a bit annoying. How about g_autofree() ? Third, I have a cleanup macro now for file descriptors - but I don't want to define a cleanup for all "int". (Having a custom typedef for file descriptors would be possible...I'm debating it. It would feel weird.) Similarly then, g_autofd() (in glib-unix.h)?
(In reply to Colin Walters from comment #48) > Ok, three issues I've hit trying to use this in practice, which make want to > argue for "generic" variants of this: > > First, I don't understand the rationale behind _CHAINUP. > - You always use g_object_unref to clean up any GObject; no object should > have its own special cleanup G_DECLARE_TYPE and G_DECLARE_INTERFACE work with non-GObject type instances and non-GObject-prerequisite interfaces. > Second, I use multiple types that are just free() able. Having to define a > free function for e.g. "guint8*" is a bit annoying. How about g_autofree() ? This might indeed make sense, but we might also just consider flushing out a few of our base types using 'free' as a reasonable default. > Third, I have a cleanup macro now for file descriptors - but I don't want to > define a cleanup for all "int". (Having a custom typedef for file > descriptors would be possible...I'm debating it. It would feel weird.) > Similarly then, g_autofd() (in glib-unix.h)? This is one of the several reasons that glib will soon grow ghandle. On win32, this will CloseHandle() and on unix it will close().
(In reply to Ryan Lortie (desrt) from comment #49) > (In reply to Colin Walters from comment #48) > > Ok, three issues I've hit trying to use this in practice, which make want to > > argue for "generic" variants of this: > > > > First, I don't understand the rationale behind _CHAINUP. > > - You always use g_object_unref to clean up any GObject; no object should > > have its own special cleanup > > G_DECLARE_TYPE and G_DECLARE_INTERFACE work with non-GObject type instances > and non-GObject-prerequisite interfaces. Sure, but how many of those are there? GstMiniObject? For the projects which aren't using GStreamer, I suspect the only type they use that isn't boxed is GObject, right? > This might indeed make sense, but we might also just consider flushing out a > few of our base types using 'free' as a reasonable default. I also use "char" in preference to "gchar" in my code - basically I only use the GLib typedefs when they're *less* typing than normal. I'm definitely in the "gint is unnecessary" camp, but "guint64" is fine. > This is one of the several reasons that glib will soon grow ghandle. On > win32, this will CloseHandle() and on unix it will close(). Ok. I can get used to a typedef for fds I guess.
(In reply to Colin Walters from comment #50) > Sure, but how many of those are there? GstMiniObject? For the projects > which aren't using GStreamer, I suspect the only type they use that isn't > boxed is GObject, right? G_DEFINE_TYPE works for these so it would be pretty awkward if G_DECLARE_TYPE didn't work as well. > I also use "char" in preference to "gchar" in my code - basically I only use > the GLib typedefs when they're *less* typing than normal. I'm definitely in > the "gint is unnecessary" camp, but "guint64" is fine. You just found a reason that gchar is less typing again :)
(In reply to Ryan Lortie (desrt) from comment #51) > (In reply to Colin Walters from comment #50) > > Sure, but how many of those are there? GstMiniObject? For the projects > > which aren't using GStreamer, I suspect the only type they use that isn't > > boxed is GObject, right? > > G_DEFINE_TYPE works for these so it would be pretty awkward if > G_DECLARE_TYPE didn't work as well. The number of glib-using apps that need Windows support is several orders of magnitude larger than the number of glib-using apps that define non-GObject-non-boxed types. If we're happy adding cleanup to simplify Linux-only apps at the expense of portable apps, then we should be even happier to simplify GObject-only apps at the expense of non-gobject-non-boxed-type-using apps (of which I only know of two, one of which supports Windows anyway).
Created attachment 296873 [details] [review] Add g_autofree, drop g_autoptr(char) The g_autoptr() being associated with the type name works out really well for things like GHashTable. However, it's a bit more awkward to associate with "gchar". Also because one can't use "char". Similarly, there are a lot of other "bare primitive array" types that one might reasonably use. Further, it's quite common to get types from other non-GLib C libraries that are freed via free(). If one assumes that g_malloc() -> malloc() (which honestly, is the only sane way to go), then g_autofree() can conveniently be used for e.g. libselinux security_context_t, etc. Also while we're here, add a test case for the cleanup bits.
(In reply to Dan Winship from comment #52) > The number of glib-using apps that need Windows support is several orders of > magnitude larger than the number of glib-using apps that define > non-GObject-non-boxed types. If we're happy adding cleanup to simplify > Linux-only apps at the expense of portable apps, then we should be even > happier to simplify GObject-only apps at the expense of > non-gobject-non-boxed-type-using apps (of which I only know of two, one of > which supports Windows anyway). Except in this case it's not a choice. We can support both, with very little extra pain -- the only requirement is that your parent class support autoptr already, which every class ought to be doing anyway. If we do decide to intentionally break this macro for non-GObject then how do you propose we'd go about that? I'm not sure I know of any way that we could force this to only work for GObject. We'd end up with a type declaration that works completely fine, but crashes the first time someone tries to use an autoptr for it. I suppose we could rename it to have 'object' in the name, but that would make it inconsistent with G_DEFINE_TYPE (which arguably should have been G_DEFINE_OBJECT_TYPE). It's also getting a bit late in the game for this... Also: keep in mind that this feature is no major blocker for anyone -- if you can't use it then you can always continue to do what everyone was happy to do until a few weeks ago before this landed. Eventually the base libraries will get properly plumbed with this stuff and then we won't have to worry about compatibility to old versions. Decreasing the generality of this macro in order to relieve some temporary pain seems a bit shortsighted... I also don't consider the "save a few lines that you would have copy/pasted anyway" nature of this to be on the same order as the usefulness of g_autoptr().
Review of attachment 296873 [details] [review]: I'm just not sure this is needed right now. It was never the intention that g_autoptr() would work with absolutely everything out of the box. This is why G_DEFINE_AUTOPTR_CLEANUP_FUNC() is a public API. It is intended that people use this. I've been writing some code that makes use of sqlite lately, and I don't find it strange at all that I should have to write G_DEFINE_AUTOPTR_CLEANUP_FUNC(sqlite3_stmt, sqlite3_finalize) G_DEFINE_AUTOPTR_CLEANUP_FUNC(sqlite3, sqlite3_close_v2) in order to be able to use the macros... It is intended that people proceed like this, in a typesafe way, rather than introducing an adhoc macro that can cover all of the cases, including the wrong ones. ::: glib/glib-autocleanups.h @@ +23,3 @@ +static inline void +g_autoptr_cleanup_generic_gfree (void *p) I'm very concerned about the lack of typesafety here. In theory this would work even for an integer.
(In reply to Ryan Lortie (desrt) from comment #55) > I've been writing some code that makes use of sqlite lately, and I don't > find it strange at all that I should have to write > > G_DEFINE_AUTOPTR_CLEANUP_FUNC(sqlite3_stmt, sqlite3_finalize) > G_DEFINE_AUTOPTR_CLEANUP_FUNC(sqlite3, sqlite3_close_v2) I agree - the autoptr works well for those! This patch is an additional option for things that are freed with {g_,}free. If you really want I can keep the define for "gchar". > I'm very concerned about the lack of typesafety here. In theory this would > work even for an integer. Well, this is C - there's a lot of non-typesafe things. I mean, we have g_object_unref() take a gpointer too. A number of codebases quite successfully use "cleanup attribute style" - systemd, ostree, librepo, PackageKit, etc. Again, I'm not arguing against autoptr, but for also having the attribute style for the very massive common case of "free()" (and possibly gobject). Remember I've been using cleanup macros a *lot* over the past few years.
The other aspect to this is that g_autoptr(GVariant) and g_autoptr(gchar) are fundamentally different in that GVariant is *always* heap allocated. So conceptually, the "*" is visually redundant. But there's a very important difference between "char" and "char*" obviously. And it's not uncommon to see both. Having the '*' "hidden" by g_autoptr breaks my visual scan. I have to stop and think. Whereas when I see "GVariant" I just know it's a pointer, I don't even need to parse the "ptr" name in the macro.
The new file glib/glib-autocleanups.h causes a compile error, when building glibmm. See bug 743349 comment 16.
Alex, Richard, can you guys weigh in here on comment #55 and comment #56? I'd really like to get this figured out given the freeze cycle.
Ya, _cleanup_free_ means that I can do something like: _cleanup_free_ guint8 *buffer = g_new0(guint8, 256); ...which I use a *lot*. I think we need both styles, really.
Created attachment 297096 [details] [review] Add g_autofree This patch keeps g_autoptr(gchar), even though I think it's awkward and strange. This is blocking my migration to the new cleanup APIs.
I consider this bug closed, and I'm not totally sold on the need for the other macros (which are absolutely an additional feature and should be discussed in a separate bug).