Junio C Hamano wrote:
>
> Let's look at this (not this follow-up patch) the other way around.
>
> Six months down the load, somebody may ask you:
>
> Is there a good reason why many are not bitfields but only selected
> few are bitfields in this structure? Most of these can and should be
> bitfields, as far as I can see, because the code uses them as
> booleans, and the only breakage it may cause if we change them to
> bitfields to shrink this structure would be the option parsing code.
>
> What would be your answer? Doesn't it feel wrong to do such a conversion
> only to work around the current limitation of parseopt?
I understand. It does feel wrong to do this just to workaround
parseopts, but I was assuming this wasn't a performance critical struct
because Hannes said it wasn't set in stone. Of course, it also feels
wrong to have the foo ? 1 : 0, but I think it's less wrong. This is why
I had the foo ? 1 : 0 constructs in v2, because I felt that making this
more radical change would lead to just this question. As a bonus, having
these ugly constructs encourages someone to come up with a way to handle
bit fields in parseopts.
>
> By the way, has it been verified that all the users of these fields are OK
> with this change when they use these fields? I am not worried about them
> reading the value command line option parser set, but more worried about
> reading after other codepaths set/modified these fields. The command line
> parser that uses parseopt may correctly set only 0 or 1 to these fields
> initially and we should be able to verify that from the patch text, but
> there is no guarantee that this conversion is even correct at runtime
> without an audit, no?
>
> The callers have long relied on the fact that reading from these bitfields
> yields either 0 or 1 and never 2 or larger, but they are now widened to
> full-width unsigned. A pattern like this:
>
> uto.field = ~uto.field;
> if (uto.field == 1) {
> field now set;
> } else {
> field now unset;
> }
>
> would be broken by widening "unsigned field:1" to "unsigned field", right?
> I am not saying this is the only pattern that would break, nor I know
> there are codepaths that use this pattern, but I think you got my point.
Yes. I glanced over the users of unpack_trees_options and didn't see
anything dangerous like the above example. It wasn't a really thorough
audit though because I was hoping that the callers were treating them as
booleans, and not bits.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html