archive mirror
 help / color / mirror / Atom feed
From: Junio C Hamano <>
To: Robear Selwans <>
Cc: "Abhishek Kumar" <>,, "René Scharfe" <>,
	"Nguyễn Thái Ngọc Duy" <>,
	"Jeff King" <>,
	"Pratik Karki" <>
Subject: Re: [GSoC][RFC][PATCH 2/2] STRBUF_INIT_CONST: Adapting strbuf_* functions
Date: Tue, 18 Feb 2020 19:13:04 -0800	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <> (Robear Selwans's message of "Wed, 19 Feb 2020 03:43:26 +0200")

Robear Selwans <> writes:

>> Also, isn't "if (sb->alloc < sb->len)" too loose a check for the new
>> feature?  AFAICS in 1/2, a strbuf that is still borrowing a const
>> string always has sb->alloc==0.  Other instances of strbuf that
>> happens to satisify the above condition, e.g. (sb->len == 5 &&
>> sb->alloc == 1), is an error.  If we are to check the condition
>> about sb->len, shouldn't we diagnose such a case as an error, no?
> AFAIK after reading the documentation for `strbuf`, there is no other
> case where `sb->len > sb->alloc` as `alloc` needs to always be more
> than `len`. I'd like to be corrected if mistaken, though.

Yes, but the case that matters to _your_ use is sb->alloc == 0.  You
do not want to let a broken strbuf (presumably broken by changes
other than your own) to pass, when you can detect it.  And for that,
paying attention to sb->len _might_ make sense, but then the check
won't be 

	if (sb->alloc < sb->len)
		make it mutable;

you'd rather be writing something like

	if (!sb->alloc)
		make it mutable;
	else if (sb->alloc < sb->len)
		BUG("somebody fed a corrupt strbuf to me");

If the primary purpose of make_mutable() is *not* about catching
random strbuf corruption, then the whole "else if" part is not
needed, and the check should become a equation only about sb->alloc,
not a comparison between alloc and len (which would trigger for *both*
your const-initialized strbuf *and* a corrupt one you did not anticipate
to see).

  parent reply	other threads:[~2020-02-19  3:13 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-18  9:30 [GSoC][RFC][PATCH 2/2] STRBUF_INIT_CONST: Adapting strbuf_* functions Abhishek Kumar
2020-02-18 14:42 ` Robear Selwans
2020-02-18 20:46 ` Junio C Hamano
2020-02-19  1:43   ` Robear Selwans
2020-02-19  2:05     ` Jeff King
2020-02-19  3:13     ` Junio C Hamano [this message]
2020-02-19  4:34       ` Robear Selwans
2020-02-19 10:44         ` Junio C Hamano
  -- strict thread matches above, loose matches on Subject: below --
2020-02-18  4:18 [GSoC][RFC][PATCH 0/2] STRBUF_INIT_CONST Cover Robear Selwans
2020-02-18  4:18 ` [GSoC][RFC][PATCH 2/2] STRBUF_INIT_CONST: Adapting strbuf_* functions Robear Selwans

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).