From owner-freebsd-stable@FreeBSD.ORG Mon Feb 25 00:28:58 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 35F37828 for ; Mon, 25 Feb 2013 00:28:58 +0000 (UTC) (envelope-from mauzo@anubis.morrow.me.uk) Received: from isis.morrow.me.uk (isis.morrow.me.uk [204.109.63.142]) by mx1.freebsd.org (Postfix) with ESMTP id E1CCDFE2 for ; Mon, 25 Feb 2013 00:28:57 +0000 (UTC) Received: from anubis.morrow.me.uk (host109-150-212-220.range109-150.btcentralplus.com [109.150.212.220]) (Authenticated sender: mauzo) by isis.morrow.me.uk (Postfix) with ESMTPSA id 2B248450CE; Mon, 25 Feb 2013 00:28:54 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.7.4 isis.morrow.me.uk 2B248450CE DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=morrow.me.uk; s=dkim201101; t=1361752135; bh=43Mp0h844cIux3EZu/0Z964JKHBymPbJTc93SXjbto0=; h=Date:From:To:Subject:References:In-Reply-To; b=osDlafs4Pdl4dIP/kf7mDDxobR0arSIlU8NIrKBaCQvmWF71PBBZ2XcFtt3OMSB7w LLeVA1XoIvh9yyqtMcu5lHgCJqZP9enqShAVg1bWBQQJmlkgvd8+RiStQC6bHr0rYh xgaz6U97pWpP0GxBf+t/AUQbrSd97Xn4XyaT6Wvg= X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.97.6 at isis.morrow.me.uk Received: by anubis.morrow.me.uk (Postfix, from userid 5001) id E5A7D9240; Mon, 25 Feb 2013 00:28:51 +0000 (GMT) Date: Mon, 25 Feb 2013 00:28:51 +0000 From: Ben Morrow To: jdc@koitsu.org, freebsd-stable@freebsd.org Subject: Re: svn - but smaller? Message-ID: <20130225002847.GA42160@anubis.morrow.me.uk> References: <1359380582-6256705.77592125.fr0SDgrYH000991@rs149.luxsci.com> <20130224031509.GA47838@icarus.home.lan> <20130224041638.GA51493@icarus.home.lan> <20130224063110.GA53348@icarus.home.lan> <1361726397.16937.4.camel@revolution.hippie.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20130224212436.GA13670@icarus.home.lan> X-Newsgroups: gmane.os.freebsd.stable Organization: morrow.me.uk User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 00:28:58 -0000 Quoth Jeremy Chadwick : > On Sun, Feb 24, 2013 at 10:19:57AM -0700, Ian Lepore wrote: > > On Sat, 2013-02-23 at 22:31 -0800, Jeremy Chadwick wrote: > > > > > > Also, John, please consider using malloc(3) instead of heap-allocated > > > buffers like file_buffer[6][] (196608 bytes) and command[] (32769 > > > bytes). I'm referring to this: > > > > Why? I absolutely do not understand why people are always objecting to > > large stack-allocated arrays in userland code (sometimes with the > > definition of "large" being as small as 2k for some folks). > > This is incredibly off-topic, but I'll bite. > > I should not have said "heap-allocated", I was actually referring to > statically-allocated. > > The issues as I see them: > > 1. Such buffers exist during the entire program's lifetime even if they > aren't actively used/needed by the program. With malloc(3) and friends, > you're allocating memory dynamically, and you can free(3) when done with > it, rather than just having a gigantic portion of memory allocated > sitting around potentially doing nothing. If the 'allocated' memory isn't touched, it will never be paged in. Even once it is paged in, if it then goes back to being unused it can be paged out to swap (when necessary) and then stay there. (It would be nice if there were some way to tell the system 'this memory is dead, don't write it out to swap', but I don't think there is.) Of course, you may get up to two pages of an object paged in just because some other object on the same page was touched, but 'two pages' is not a lot of memory to waste (especially given that you're saving the malloc overhead). I don't know if the compiler is clever enough to page-align large static allocations; that would reduce the potential waste to one page. > 2. If the length of the buffer exceeds the amount of stack space > available at the time, the program will run but the behaviour is unknown > (I know that on FreeBSD if it exceeds "stacksize" per resource limits, > the program segfaults at runtime). With malloc and friends you can > gracefully handle allocation failures. (SIGSEGV on stack overflow is specified by POSIX, including the fact that the signal must be fatal unless the signal handler uses an alternate stack.) Statically-allocated objects are not allocated on the stack, they are allocated in the bss or data sections of the executable. When it is possible and reasonable to do so, it's actually better to allocate all memory statically, as then once the process has started successfully you can be certain it won't fail because of a memory shortage. Large auto objects (including alloca) *are* dangerous. > 3. Statically-allocated buffers can't grow; meaning what you've > requested size-wise is all you get. Compare this to something that's > dynamic -- think a linked list containing pointers to malloc'd memory, > which can even be realloc(3)'d if needed. Under many circumstances a statically-allocated fixed-size buffer, *if properly used*, is safer than a potentially-unbounded malloced one. Of course, it's possible to put limits on the size of a malloced buffer as well, but (given that parts of the buffer you don't use won't ever be paged in) there isn't much advantage in doing so. Fixed allocations are only useful in small, single-use programs where you can accurately predict the memory requirements in advance. I wouldn't be surprised if svnsup fell into that bracket. Ben