David Turner <dturner@xxxxxxxxxxxxxxxx> writes:
> + unsigned int ref_count; /* count the number of refs to this in dir_hash */
Me makes a mental note of the type used...
> @@ -213,6 +214,32 @@ struct cache_entry {
> struct pathspec;
>
> /*
> + * Increment the cache_entry reference count. Should be called
> + * whenever a pointer to a cache_entry is retained in a data structure,
> + * thus marking it as alive.
> + */
> +static inline void add_ce_ref(struct cache_entry *ce)
> +{
> + assert(ce != NULL && ce->ref_count >= 0);
... and notices that ce->ref_count will always be non-negative here
> + ce->ref_count++;
> +}
> +
> +/*
> + * Decrement the cache_entry reference count. Should be called whenever
> + * a pointer to a cache_entry is dropped. Once the counter drops to 0
> + * the cache_entry memory will be safely freed.
> + */
> +static inline void drop_ce_ref(struct cache_entry *ce)
> +{
> + if (ce != NULL) {
> + assert(ce->ref_count >= 0);
... and here.
By not checking integer overflow/wraparound, the code is assuming
that a ce entry will never referenced more than 4 billion times on
32-bit platform. And that is a sensible assumption as there aren't
that many pointers in the address space to make that many reference
anyway.
Perhaps the code can assume the number won't be more than 2 billion
and use a signed type instead for the reference counting?
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html