From: "Martin Ågren" <martin.agren@gmail.com>
To: git@vger.kernel.org
Cc: Johannes Schindelin <johannes.schindelin@gmx.de>
Subject: [PATCH] sequencer: clarify intention to break out of loop
Date: Sun, 28 Oct 2018 16:31:45 +0100 [thread overview]
Message-ID: <20181028153145.25734-1-martin.agren@gmail.com> (raw)
When we find a space, we set `len = i`, which gives us the answer we are
looking for, but which also breaks out of the loop through these steps:
1. `len = i`
2. `i = i + 1`
3. Is `i < len`? No, so break out.
Since `i` is signed, step 2 is undefined if `i` has the value `INT_MAX`.
It can't actually have that value, but that doesn't stop my copy of gcc
7.3.0 from throwing the following:
> sequencer.c:2853:3: error: assuming signed overflow does not occur when
> assuming that (X + c) < X is always false [-Werror=strict-overflow]
> for (i = 0; i < len; i++)
> ^~~
That is, the compiler has realized that the code is essentially
evaluating "(len + 1) < len" and that for `len = INT_MAX`, this is
undefined behavior. What it hasn't figured out is that if `i` and `len`
are both `INT_MAX` after step 1, then `len` must have had a value larger
than `INT_MAX` before that step, which it can't have had.
Let's be explicit about breaking out of the loop. This helps the
compiler grok our intention. As a bonus, it might make it (even) more
obvious to human readers that the loop stops at the first space.
While at it, reduce the scope of `i`.
Signed-off-by: Martin Ågren <martin.agren@gmail.com>
---
sequencer.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/sequencer.c b/sequencer.c
index 0c164d5f98..a351638ad9 100644
--- a/sequencer.c
+++ b/sequencer.c
@@ -2829,7 +2829,7 @@ static int do_reset(const char *name, int len, struct replay_opts *opts)
struct tree_desc desc;
struct tree *tree;
struct unpack_trees_options unpack_tree_opts;
- int ret = 0, i;
+ int ret = 0;
if (hold_locked_index(&lock, LOCK_REPORT_ON_ERROR) < 0)
return -1;
@@ -2849,10 +2849,14 @@ static int do_reset(const char *name, int len, struct replay_opts *opts)
}
oidcpy(&oid, &opts->squash_onto);
} else {
+ int i;
/* Determine the length of the label */
- for (i = 0; i < len; i++)
- if (isspace(name[i]))
+ for (i = 0; i < len; i++) {
+ if (isspace(name[i])) {
len = i;
+ break;
+ }
+ }
strbuf_addf(&ref_name, "refs/rewritten/%.*s", len, name);
if (get_oid(ref_name.buf, &oid) &&
--
2.19.1.593.gc670b1f876.dirty
next reply other threads:[~2018-10-28 15:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-28 15:31 Martin Ågren [this message]
2018-10-28 19:01 ` [PATCH] sequencer: clarify intention to break out of loop Eric Sunshine
2018-10-28 20:37 ` Martin Ågren
2018-10-29 3:43 ` Junio C Hamano
2018-10-30 8:09 ` [PATCH v2] sequencer: break out of loop explicitly Martin Ågren
2018-10-31 14:54 ` Johannes Schindelin
2018-10-31 17:28 ` Eric Sunshine
2018-10-31 18:41 ` Martin Ågren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181028153145.25734-1-martin.agren@gmail.com \
--to=martin.agren@gmail.com \
--cc=git@vger.kernel.org \
--cc=johannes.schindelin@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).