Re: [PATCH v1] convert log_ref_write_fd() to use strbuf

[Jeff King <peff@peff.net>]

On Tue, Jul 10, 2018 at 06:20:22PM +0000, Ben Peart wrote:

> log_ref_write_fd() was written long before strbuf was fleshed out. Remove
> the old manual buffer management code and replace it with strbuf(). Also
> update copy_reflog_msg() which is called only by log_ref_write_fd() to use
> strbuf as it keeps things consistent.

Yay! In all of my buffer size auditing over the years, I've repeatedly
come across this "+ 100" but it never quite made the cut for fixing,
since it wasn't (yet) actually broken. Thanks for tackling it.

> -int copy_reflog_msg(char *buf, const char *msg)
> +void copy_reflog_msg(struct strbuf *sb, const char *msg)

Glad to see this "int" go; it should have been size_t anyway.

>  {
> -	char *cp = buf;
>  	char c;
>  	int wasspace = 1;
>  
> -	*cp++ = '\t';
> +	strbuf_addch(sb, '\t');
>  	while ((c = *msg++)) {
>  		if (wasspace && isspace(c))
>  			continue;
>  		wasspace = isspace(c);
>  		if (wasspace)
>  			c = ' ';
> -		*cp++ = c;
> +		strbuf_addch(sb, c);
>  	}

This is all fairly straight-forward.

> -	while (buf < cp && isspace(cp[-1]))
> -		cp--;
> -	*cp++ = '\n';
> -	return cp - buf;
> +	strbuf_rtrim(sb);

Using rtrim is a nice reduction in complexity. A pure translation would
include a final strbuf_addch(sb, '\n'). It looks like you moved that to
the caller. There's only one, so that's OK now, but it may affect topics
in flight (and I do in fact have an old topic that calls it).

But I think it's OK, as the change in function signature means that any
callers will need updated anyway. So there's little risk of a silent
mis-merge.

> diff --git a/refs/files-backend.c b/refs/files-backend.c
> index a9a066dcfb..c0e892d0c8 100644
> --- a/refs/files-backend.c
> +++ b/refs/files-backend.c
> @@ -1582,22 +1582,15 @@ static int log_ref_write_fd(int fd, const struct object_id *old_oid,
>  			    const struct object_id *new_oid,
>  			    const char *committer, const char *msg)
>  {
> -	int msglen, written;
> -	unsigned maxlen, len;
> -	char *logrec;
> -
> -	msglen = msg ? strlen(msg) : 0;
> -	maxlen = strlen(committer) + msglen + 100;
> -	logrec = xmalloc(maxlen);
> -	len = xsnprintf(logrec, maxlen, "%s %s %s\n",
> -			oid_to_hex(old_oid),
> -			oid_to_hex(new_oid),
> -			committer);
> -	if (msglen)
> -		len += copy_reflog_msg(logrec + len - 1, msg) - 1;
> -
> -	written = len <= maxlen ? write_in_full(fd, logrec, len) : -1;
> -	free(logrec);
> +	int written;
> +	struct strbuf sb = STRBUF_INIT;
> +
> +	strbuf_addf(&sb, "%s %s %s", oid_to_hex(old_oid), oid_to_hex(new_oid), committer);
> +	if (msg && *msg)
> +		copy_reflog_msg(&sb, msg);
> +	strbuf_addch(&sb, '\n');
> +	written = write_in_full(fd, sb.buf, sb.len);
> +	strbuf_release(&sb);
>  	if (written < 0)
>  		return -1;

This looks like another straight-forward translation.

While we're here, is it worth turning "written" into an ssize_t, which
is the correct return from write_in_full()? Alternatively, I wonder if
the logic would be simpler to follow with:

  int ret;

  ...strbuf bits...

  if (write_in_full(fd, sb.buf, sb.len) < 0)
	ret = -1;
  else
	ret = 0;

  strbuf_release(&sb);
  return ret;

We don't actually care about the number of bytes at all.

That's minor, though. With or without such a change, I'd be happy to see
it applied.

-Peff