git.samba.org - metze/samba/wip.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Mon, 2 Feb 2009 12:12:07 +0000 (12:12 +0000)
committer	Stefan Metzmacher <metze@samba.org>
	Fri, 24 Jul 2009 08:45:52 +0000 (10:45 +0200)
commit	890d0a33961963cc3f3b351b9e0328c08cd20c47
tree	e6dfbb2ae549fd64bc61942892e26a45fa9a4646	tree
parent	1b4bdd20e41c7d201f4d70fb31dd00562e4eaf6f	commit \| diff

talloc: prevent reference promotion to owner

The new rules are:

1. if you talloc() you must make preparation to free.
Usually the allocating reference being freed is enough, otherwise
explicitly talloc_free.

2. if you talloc_steal you must make preparation to free.
Usually the stealing reference being freed is enough, otherwise
explicitly talloc_free.

3. if you talloc_reference something you must make preparation to
remove the reference. Usually the reference itself being freed
is enough

4. you only call talloc_free once, on behalf of the allocator
or the stealer. If you want to remove a reference, then use
talloc_unreference

5. A function that calls talloc_free on an object has by definition
a passing-of-ownership in it's operation, and callers of the
function ought to be aware of this.

6. the destructor is called when the object is freed, not when
you call talloc_free. References might keep it alive for quite a while.

Started-by: Sam Liddicott <sam@liddicott.com>
Finished-by: Stefan Metzmacher <metze@samba.org>
metze

lib/talloc/talloc.c		diff \| blob \| history
lib/talloc/talloc.h		diff \| blob \| history
lib/talloc/testsuite.c		diff \| blob \| history