cleanups: next steps

Tom Tromey tromey@redhat.com
Wed Apr 18 14:52:00 GMT 2012 

>>>>> "Doug" == Doug Evans <dje@google.com> writes:

Doug> btw, this is why I like nullify_cleanup:  I can discard a cleanup
Doug> without having to be cognizant of the chain, with discard_cleanups I
Doug> have to understand the entire function, not just the cleanup I'm
Doug> interested in.  I think that would be more robust in the face of
Doug> changes to the function.  But I can also understand not wanting to
Doug> extend the API.

Yeah, when you put it this way, it makes sense to me.

Doug> I was thinking, IWBN if cleanups were recorded differently so that the
Doug> result of make_cleanup was the handle of that cleanup.  I think the
Doug> intuitive sense of cleanups would go up, and that could lead to fewer
Doug> issues.  [I don't know that it would, but I like the improvement in
Doug> sensibility of what the result of make_cleanup is.]

I think from the point of view of the text of the program, the return
value shouldn't matter, as it is just a cookie.

But yeah, when debugging gdb it would be nice to be able to print the
cookie and see the actual cleanup in question, not some other object.

Doug> I was trying to think of a good use of gcc's cleanup attribute (as
Doug> only a correctness checking mechanism since it's non-portable).
Doug> Nothing came to mind.

I guess we could use it to (dynamically) enforce cleanup handling rules
on functions that are "normal" cleanup users.  I was planning to do this
with a C++ object as a step in C++-ification.


My working rule (which I've posted before, but which I don't recall
having ever been discussed in any real way; see the cleanups static
analyzer post) has been that there should be two kinds of
cleanup-creating functions in gdb: functions that return a new cleanup,
and functions that either invoke or discard all cleanups they created.
(We do have a few functions that make dangling cleanups; but I consider
this quite confusing and IIRC it has caused memory leaks in the past.)

So, the idea would be to find all such normal cleanup users and insert
an object declaration right at the beginning.  This object would just be
a placeholder that would capture the cleanup chain at the point of
entry, and then use its destructor to verify that the right semantics
were used.

For C++ this is just a stepping stone to replacing most cleanups with
plain old RAII.  If we're sticking with C then I guess this technique
could be used as an extra sanity check, say by having a simple
declaration macro we can stick at the start of functions.

Tom

More information about the Gdb-patches mailing list