From: Jonathan Nieder <jrnieder@gmail.com>
To: Jeff King <peff@peff.net>
Cc: "Martin Ågren" <martin.agren@gmail.com>,
git@vger.kernel.org, "Junio C Hamano" <gitster@pobox.com>
Subject: Re: [PATCH] revision: replace "struct cmdline_pathspec" with argv_array
Date: Wed, 20 Sep 2017 15:48:26 -0700 [thread overview]
Message-ID: <20170920224826.GH27425@aiede.mtv.corp.google.com> (raw)
In-Reply-To: <20170920203659.xqy76bg5nfabvbfx@sigill.intra.peff.net>
Hi,
Jeff King wrote:
> Subject: [PATCH] revision: replace "struct cmdline_pathspec" with argv_array
>
> We assemble an array of strings in a custom struct,
> NULL-terminate the result, and then pass it to
> parse_pathspec().
>
> But then we never free the array or the individual strings
> (nor can we do the latter, as they are heap-allocated when
> they come from stdin but not when they come from the
> passed-in argv).
To be devil's advocate for a moment: why don't we use UNLEAK on the
paths passed in from stdin?
It's true that there can be an unbounded number of them, but they all
coexist in memory anyway. They are not generated dynamically on the
fly. Being able to free them doesn't have any obvious advantage over
using exit().
Except... is the idea that this allows the strings from stdin to be
freed sooner, as soon as they have been parsed into a "struct
pathspec"?
That sounds appealing. The only risk would be if "struct pathspec"
holds on to a pointer to one of these strings.
Fortunately parse_pathspec() is careful to strdup any strings it
borrows (though it is not documented to do so).
In other words, proposed changes:
1. Could the commit message describe what effect this would have on
maximum heap usage, if any? (In qualitative terms is fine, though
actual numbers would be even better if it's easy to get them.)
That would make it easier to justify not using UNLEAK.
2. Can parse_pathspec get a comment in pathspec.h saying that it
defensively copies anything it needs from args so the caller is
free to modify or free it? That way, it should be more obvious
to people in the future modifying parse_pathspec() that callers
may rely on that. (The current API comment describes argv as
"command line arguments", which I fear would send the opposite
message to implementors.)
> Let's swap this out for an argv_array. It does the same
> thing with fewer lines of code, and it's safe to call
> argv_array_clear() at the end to avoid a memory leak.
>
> Reported-by: Martin Ågren <martin.agren@gmail.com>
> Signed-off-by: Jeff King <peff@peff.net>
> ---
> revision.c | 39 +++++++++++----------------------------
> 1 file changed, 11 insertions(+), 28 deletions(-)
The code looks good.
Thanks,
Jonathan
next prev parent reply other threads:[~2017-09-20 22:48 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-20 19:47 [PATCH] revision: fix memory leaks with `struct cmdline_pathspec` Martin Ågren
2017-09-20 20:25 ` Jeff King
2017-09-20 20:36 ` [PATCH] revision: replace "struct cmdline_pathspec" with argv_array Jeff King
2017-09-20 22:48 ` Jonathan Nieder [this message]
2017-09-21 3:04 ` Jeff King
2017-09-21 3:49 ` Jonathan Nieder
2017-09-21 4:48 ` Jeff King
2017-09-21 4:41 ` Jonathan Nieder
2017-09-21 4:50 ` Jeff King
2017-09-21 5:10 ` Junio C Hamano
2017-09-21 3:57 ` Martin Ågren
2017-09-21 4:11 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170920224826.GH27425@aiede.mtv.corp.google.com \
--to=jrnieder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=martin.agren@gmail.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).