[gst-devel] use of g_alloca

David Schleef ds at schleef.org
Mon Sep 12 11:13:24 CEST 2005


On Mon, Sep 12, 2005 at 03:56:48PM +0200, Andy Wingo wrote:
> I don't see how these children-playing-with-knives arguments are any
> different than anything else we do in C.

Why do we bother turning on -Wall -Werror?  There's lots of stuff
denied by -Wall that is useful, working, and correct C code -- however,
it's not in the best interest of the project to require coders to
understand why it is correct.  We've decided it's best to just avoid
some of the crummy aspects of the C language.

Many coders would feel uncomfortable with using a fixed-size temporary
array on the stack instead of alloca(), because of potential problems
with limited size decided at compile time.  Using alloca() is *exactly
the same case* [i.e., alloca() takes chunks out of a "temporary array" that
is the rest of the stack], except that you have a temporary array whose
size you don't know (and can't calculate), and whose failure mechanisms
are segfaults in outlier cases.  In other words, you get voodoo bug
reports from users.

I'm not saying that all uses of alloca() are bad.  Just enough of
them that we should treat it like it is a -Wall warning.

> Etc, etc, only if you're a moron though. We're not talking about
> allocating buffer data on the stack.

Several years ago, I removed about a dozen uses of alloca in gstreamer,
most of which *were* allocating temporary space the size of a buffer
on the stack.  No checking, nothing.  Sure, our code quality has
improved since then, but one way it improved was by removing alloca()s
that failed for plus-sized buffers.

> Moses, what
> exactly did you do up there on the mountain with God? Seriously.)

I read the Intel and AMD optimization manuals for each CPU cover to
cover.  In at least one of them, it mentions that memory around %esp
is treated differently for caching and then goes on to say "don't put
large data structures on the stack".  No, I don't remember which one.
Also, using alloca() requires the compiler to use a frame pointer
which by default it will not, taking away a valuable register on i386.

[btw, one of the reasons I dislike programming in C++ (and Perl) is
because there's an endless supply of other developers who want to
use ${cool_language_feature} that shows their mastery of the
language... and thereby write code that other people don't understand.
This outcome is to be avoided in open-source projects.]



dave...

-- 
David Schleef
Big Kitten LLC (http://www.bigkitten.com/) -- data acquisition on Linux
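
The concern above about buffer-sized alloca() calls, shown as an added example that is not part of the original message or of GStreamer's code: a fixed-size stack array serves small requests and a checked heap allocation serves large ones, so an oversized buffer produces an error return instead of a segfault. The 256-byte threshold and all names (scratch_t, scratch_init, reverse_buffer) are assumptions made for this illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed threshold for this example: larger requests go to the heap. */
#define SCRATCH_STACK_MAX 256

typedef struct {
    unsigned char inline_buf[SCRATCH_STACK_MAX]; /* bounded stack use */
    unsigned char *data;  /* inline_buf or a malloc'd block */
    int on_heap;
} scratch_t;

/* Returns 0 on success, -1 when malloc fails: a checkable error,
 * which alloca() cannot report. */
static int scratch_init(scratch_t *s, size_t size)
{
    s->on_heap = size > SCRATCH_STACK_MAX;
    s->data = s->on_heap ? malloc(size) : s->inline_buf;
    return s->data ? 0 : -1;
}

static void scratch_free(scratch_t *s)
{
    if (s->on_heap)
        free(s->data);
    s->data = NULL;
}

/* Hypothetical consumer: reverse src into dst via buffer-sized scratch. */
static int reverse_buffer(const unsigned char *src, unsigned char *dst,
                          size_t size, int *used_heap)
{
    scratch_t s;
    if (scratch_init(&s, size) != 0)
        return -1;
    for (size_t i = 0; i < size; i++)
        s.data[i] = src[size - 1 - i];
    memcpy(dst, s.data, size);
    *used_heap = s.on_heap;
    scratch_free(&s);
    return 0;
}

int main(void)
{
    unsigned char in[4] = {1, 2, 3, 4}, out[4];
    int heap = 0;
    return reverse_buffer(in, out, sizeof in, &heap);
}
```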



