From: Junio C Hamano <gitster@pobox.com>
To: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Cc: "Phillip Wood" <phillip.wood@talktalk.net>,
"René Scharfe" <l.s.r@web.de>,
git@vger.kernel.org,
"Carlo Marcelo Arenas Belón" <carenas@gmail.com>,
"Han-Wen Nienhuys" <hanwen@google.com>,
"Edward Thomson" <ethomson@edwardthomson.com>,
"Patrick Steinhardt" <ps@pks.im>
Subject: Re: [RFC PATCH 2/2] reftable: don't memset() a NULL from failed malloc()
Date: Fri, 15 Apr 2022 09:23:23 -0700 [thread overview]
Message-ID: <xmqq1qxyfh8k.fsf@gitster.g> (raw)
In-Reply-To: <220415.86bkx2bb0p.gmgdl@evledraar.gmail.com> ("Ævar Arnfjörð Bjarmason"'s message of "Fri, 15 Apr 2022 17:20:53 +0200")
Ævar Arnfjörð Bjarmason <avarab@gmail.com> writes:
>> Does it? I just quickly scanned the output of
>>
>> git grep -e 'reftable_[mc]alloc' -e 'reftable_realloc' -A2 origin/master
>>
>> and I didn't see a single NULL check
>
> I think you're right, I retrieved that information from wetware. Looking
> again I think I was confusing it with the if (x) free(x) fixes in
> 34230514b83 (Merge branch 'hn/reftable-coverity-fixes', 2022-02-16).
True. Initially I hoped that these RFC changes gives us a better
solution that comes from stepping back and rethinking the issues
around the original "why are we calling memset() with NULL?", and
if it were only "well, in _return_block() functions, we clear the
block before calling _free()---that shouldn't be necessary, if the
calling custom malloc-free pair cares, they can do the clearing, and
plain vanilla free() certainly doesn't, so let's stop calling
memset()", it certainly would have fallen into that category, but
everything these RFC patches do beyond that seems "oh, it does not
look important to me, so let's rip it out to simplify", without
knowing enough to say if that is sensible.
But ...
>> Isn't it there so the same code can be used by libgit2 and other
>> things that let the caller specify a custom allocator?
>
> I don't think so, but I may be wrong. I think it's a case of
> over-generalization where we'd be better off with something simpler,
> i.e. just using our normal allocation functions.
... many points that was raised on the reftable code in this thread
may deserve response to explain the rationale behind the current
code and design, as nobody can improve, without breaking the
intended way to be used, without knowing what it is. Thanks for
marking the patches with RFC. I think the "patch" is a bit too
dense a form to point out the issues in the existing code, but the
discussion that follows by quoting the points in the original code
and suggested changes is a good way to think about the code before
these RFC patches.
Ideally, it would have been much better if these points were raised
during the review before the code was accepted to the code base, but
it is better to have one now, rather than never ;-)
THanks.
next prev parent reply other threads:[~2022-04-15 16:23 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-15 7:02 [PATCH] reftable: avoid undefined behaviour breaking t0032 Carlo Marcelo Arenas Belón
2022-04-15 7:10 ` Junio C Hamano
2022-04-15 8:30 ` [PATCH v2] " Carlo Marcelo Arenas Belón
2022-04-15 10:21 ` [RFC PATCH 0/2] reftable: remove poor man's SANITIZE=address, fix a memset() bug Ævar Arnfjörð Bjarmason
2022-04-15 10:21 ` [RFC PATCH 1/2] reftable: remove the "return_block" abstraction Ævar Arnfjörð Bjarmason
2022-04-15 13:37 ` René Scharfe
2022-04-25 9:57 ` Han-Wen Nienhuys
2022-04-25 17:30 ` Junio C Hamano
2022-04-15 10:21 ` [RFC PATCH 2/2] reftable: don't memset() a NULL from failed malloc() Ævar Arnfjörð Bjarmason
2022-04-15 13:37 ` René Scharfe
2022-04-15 13:53 ` Ævar Arnfjörð Bjarmason
2022-04-15 14:30 ` Phillip Wood
2022-04-15 15:20 ` Ævar Arnfjörð Bjarmason
2022-04-15 16:23 ` Junio C Hamano [this message]
2022-04-25 10:30 ` Han-Wen Nienhuys
2022-04-25 10:18 ` [PATCH v2] reftable: avoid undefined behaviour breaking t0032 Han-Wen Nienhuys
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq1qxyfh8k.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=avarab@gmail.com \
--cc=carenas@gmail.com \
--cc=ethomson@edwardthomson.com \
--cc=git@vger.kernel.org \
--cc=hanwen@google.com \
--cc=l.s.r@web.de \
--cc=phillip.wood@talktalk.net \
--cc=ps@pks.im \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).