|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH 1/4] xen/dmalloc: Introduce dmalloc() APIs
On 23.12.2020 17:34, Andrew Cooper wrote:
> RFC:
> * This probably wants to be less fatal in release builds
I'm not even convinced this wants to be a panic() in debug builds.
> * In an ideal world, we'd also want to count the total number of bytes
> allocated from the xmalloc heap, which would be interesting to print in the
> 'q' debugkey. However, that data is fairly invasive to obtain.
Unless we used an xmem_pool rather than the new interface being
a thin layer around xmalloc(). (This would then also provide
better locality of the allocations, i.e. different domains
wouldn't share allocations from the same page.) And even without
doing so, adding a function to retrieve the actual size
shouldn't be all that difficult - internally xmalloc_tlsf.c
knows the size, after all, for e.g. xrealloc() to work right.
> --- /dev/null
> +++ b/xen/include/xen/dmalloc.h
> @@ -0,0 +1,29 @@
> +#ifndef XEN_DMALLOC_H
> +#define XEN_DMALLOC_H
> +
> +#include <xen/types.h>
> +
> +struct domain;
> +
> +#define dzalloc_array(d, _type, _num) \
While I realize I'll get bashed again, the inconsistency of using
(or not) leading underscores is too odd to not comment upon. I
don't see what use they are here, irrespective of my general view
on the topic.
> + ((_type *)_dzalloc_array(d, sizeof(_type), __alignof__(_type), _num))
> +
> +
> +void dfree(struct domain *d, void *ptr);
May I ask to avoid double blank lines?
> +#define DFREE(d, p) \
> + do { \
> + dfree(d, p); \
> + (p) = NULL; \
> + } while ( 0 )
> +
> +
> +void *_dzalloc(struct domain *d, size_t size, size_t align);
> +
> +static inline void *_dzalloc_array(struct domain *d, size_t size,
> + size_t align, size_t num)
> +{
> + return _dzalloc(d, size * num, align);
No protection at all against the multiplication overflowing?
Jan
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |