From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org, Junio C Hamano <gitster@pobox.com>,
Enzo Matsumiya <ematsumiya@suse.de>
Subject: Re: [PATCH 0/5] run-command API: get rid of "argv"
Date: Mon, 22 Nov 2021 19:26:26 +0100
Message-ID: <211122.86sfvoxcv6.gmgdl@evledraar.gmail.com>
In-Reply-To: <YZvY+BJhxaFIOdnJ@coredump.intra.peff.net>
On Mon, Nov 22 2021, Jeff King wrote:
> On Mon, Nov 22, 2021 at 05:04:02PM +0100, Ævar Arnfjörð Bjarmason wrote:
>
>> This series is an alternate but more thorough way to solve the pager
>> segfault reported by Enzo Matsumiya[1], and more generally avoids
>> similar issues in the future.
>>
>> That the run-command API exposed two subtly different ways of doing
>> the same thing wouldn't only lead to the sort of bug reported in [1],
>> but also made memory management around it rather painful. As noted by
>> Jeff King in [2]:
>>
>> I'd like to eventually get rid of the argv interface entirely
>> because it has memory-ownership semantics that are easy to get
>> wrong.
>
> Yeah, unsurprisingly I'm in favor of this direction (and in fact started
> looking at it myself before seeing your responses). It's big and complex
> enough that I do worry about prepending it in front of the segfault bug
> fix being discussed.
>
>> As noted in 5/5 we've still got a similar issue with "env" and
>> "env_array". I've got a follow-up series that similarly removes "env"
>> which we can do at some point (it's much smaller than this one), but
>> for now let's focus on "argv".
>
> I think we should probably do both, though I am OK with doing it
> separately. There are fewer callers for "env", but I found more
> ancillary cleanup necessary (e.g., "const char **" versus "const char
> *const *" headaches).
>
>> Ævar Arnfjörð Bjarmason (5):
>> archive-tar: use our own cmd.buf in error message
>> upload-archive: use regular "struct child_process" pattern
>> run-command API users: use strvec_pushv(), not argv assignment
>> run-command API users: use strvec_pushl(), not argv construction
>> run-command API: remove "argv" member, always use "args"
>
> I left a few comments on individual patches. I had done a rough cut at
> this, too. One big difference is that I used the opportunity to clean up
> some ugly and error-prone uses of argv that are now unnecessary. For
> instance:
>
> diff --git a/builtin/notes.c b/builtin/notes.c
> index 2b2bac43f3..85d1abad88 100644
> --- a/builtin/notes.c
> +++ b/builtin/notes.c
> @@ -134,14 +134,13 @@ static void copy_obj_to_fd(int fd, const struct object_id *oid)
>
> static void write_commented_object(int fd, const struct object_id *object)
> {
> - const char *show_args[5] =
> - {"show", "--stat", "--no-notes", oid_to_hex(object), NULL};
> struct child_process show = CHILD_PROCESS_INIT;
> struct strbuf buf = STRBUF_INIT;
> struct strbuf cbuf = STRBUF_INIT;
>
> /* Invoke "git show --stat --no-notes $object" */
> - strvec_pushv(&show.args, show_args);
> + strvec_pushl(&show.args, "show", "--stat", "--no-notes",
> + oid_to_hex(object), NULL);
> show.no_stdin = 1;
> show.out = -1;
> show.err = 0;
>
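Review bot: the comment directly above the new strvec_pushl() call repeats the same argument list ("git show --stat --no-notes $object"), so the two can drift apart once an option is added; consider dropping it or reducing it to the intent. The trailing NULL after oid_to_hex(object) is what ends the variadic list, so any later option has to be inserted before it, not appended.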
> The show_args variable is error-prone in two ways:
>
> - the magic number "5" must be in sync with the rest of the array. In
> this case it's superfluous and could just be removed, but I'll give
> a related example below.
>
> - we have to remember to include the trailing NULL. We have to for
> pushl(), too, but in that case the compiler will warn us when we
> omit it.
>
> Here's another one:
>
> @@ -943,23 +941,22 @@ static int run_receive_hook(struct command *commands,
>
> static int run_update_hook(struct command *cmd)
> {
> - const char *argv[5];
> + const char *hook_cmd;
> struct child_process proc = CHILD_PROCESS_INIT;
> int code;
>
> - argv[0] = find_hook("update");
> - if (!argv[0])
> + hook_cmd = find_hook("update");
> + if (!hook_cmd)
> return 0;
>
> - argv[1] = cmd->ref_name;
> - argv[2] = oid_to_hex(&cmd->old_oid);
> - argv[3] = oid_to_hex(&cmd->new_oid);
> - argv[4] = NULL;
> + strvec_push(&proc.args, hook_cmd);
> + strvec_push(&proc.args, cmd->ref_name);
> + strvec_push(&proc.args, oid_to_hex(&cmd->old_oid));
> + strvec_push(&proc.args, oid_to_hex(&cmd->new_oid));
>
> proc.no_stdin = 1;
> proc.stdout_to_stderr = 1;
> proc.err = use_sideband ? -1 : 0;
> - strvec_pushv(&proc.args, argv);
> proc.trace2_hook_name = "update";
>
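Review bot: the early "return 0" for a NULL hook_cmd is only free of cleanup because it sits before the first strvec_push(&proc.args, ...); that ordering should be kept (a short comment would help), since moving any push above the find_hook() check would leave proc.args populated on the return path. With "const char *argv[5]" gone, the four strvec_push() calls could also be one strvec_pushl() as in the builtin/notes.c hunk; picking one style for fixed-length argument lists across the series would make the conversions easier to audit.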
> In this case the magic "5" really is important, and we get rid of it
> (and again don't need to worry about the terminating NULL).
>
> I'm on the fence on how important it is to do these cleanups. IMHO they
> are half of what really sells the change in the first place (since the
> other bug can pretty easily be fixed without it).
>
> But maybe it is piling too much onto what is already a pretty big
> change. The cleanups could be done individually later.
Yeah, those are nice. I did do most/all those initially myself, but
ended up ejecting them in anticipation of getting comments about runaway
refactoring, as they're not strictly necessary. But I can include them
again if you/Junio would like...
> diff --git a/daemon.c b/daemon.c
> index cc278077d2..4a000ee4af 100644
> --- a/daemon.c
> +++ b/daemon.c
> @@ -329,10 +329,15 @@ static int run_access_hook(struct daemon_service *service, const char *dir,
> char *eol;
> int seen_errors = 0;
>
> + strvec_push(&child.args, access_hook);
> + strvec_push(&child.args, service->name);
> + strvec_push(&child.args, path);
> + strvec_push(&child.args, hi->hostname.buf);
> + strvec_push(&child.args, get_canon_hostname(hi));
> + strvec_push(&child.args, get_ip_address(hi));
> + strvec_push(&child.args, hi->tcp_port.buf);
> +
> child.use_shell = 1;
> - strvec_pushl(&child.args, access_hook, service->name, path,
> - hi->hostname.buf, get_canon_hostname(hi),
> - get_ip_address(hi), hi->tcp_port.buf, NULL);
> child.no_stdin = 1;
> child.no_stderr = 1;
> child.out = -1;
>
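Review bot: split the strvec_pushl() to strvec_push() conversion at the top of this hunk into its own commit, since it is unrelated to removing "argv" and changes no behaviour. The positional order of the seven arguments (access_hook, service->name, path, hi->hostname.buf, get_canon_hostname(hi), get_ip_address(hi), hi->tcp_port.buf) is the interface the access hook sees, and confirming that the order is unchanged is easier in a commit that does nothing else. The pushes also move above "child.use_shell = 1", which is fine as shown but worth a word in the commit message so the reordering is not mistaken for a functional change.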
> I had other changes from yours like this. This is purely cosmetic, and I
> could see arguments either way. I find the one-per-line version a bit
> easier to read. Even though it repeats child.args over and over, it's
> easy to look past since it's all aligned.
>
> I'm OK calling that bike-shedding, but I offer it mostly in case you
> didn't try it the other way and actually like my color. ;)
I do like it better :) It's another thing I did like that initially, but
ended up moving to strvec_pushl(). IIRC because I got the opposite
request on a recent bundle.c topic of mine (now landed). I.e. it used
multiple aligned strvec_push() initially, and it was suggested to use
strvec_pushl() instead...