On Wed, 2015-10-14 at 14:17 -0700, Junio C Hamano wrote:
> David Turner <dturner@xxxxxxxxxxxxxxxx> writes:
>
> > + unsigned int ref_count; /* count the number of refs to this in dir_hash */
>
> Me makes a mental note of the type used...
>
> > @@ -213,6 +214,32 @@ struct cache_entry {
> > struct pathspec;
> >
> > /*
> > + * Increment the cache_entry reference count. Should be called
> > + * whenever a pointer to a cache_entry is retained in a data structure,
> > + * thus marking it as alive.
> > + */
> > +static inline void add_ce_ref(struct cache_entry *ce)
> > +{
> > + assert(ce != NULL && ce->ref_count >= 0);
>
> ... and notices that ce->ref_count will always be non-negative here
>
>
> > + ce->ref_count++;
> > +}
> > +
> > +/*
> > + * Decrement the cache_entry reference count. Should be called whenever
> > + * a pointer to a cache_entry is dropped. Once the counter drops to 0
> > + * the cache_entry memory will be safely freed.
> > + */
> > +static inline void drop_ce_ref(struct cache_entry *ce)
> > +{
> > + if (ce != NULL) {
> > + assert(ce->ref_count >= 0);
>
> ... and here.
>
> By not checking integer overflow/wraparound, the code is assuming
> that a ce entry will never referenced more than 4 billion times on
> 32-bit platform. And that is a sensible assumption as there aren't
> that many pointers in the address space to make that many reference
> anyway.
>
> Perhaps the code can assume the number won't be more than 2 billion
> and use a signed type instead for the reference counting?
Will do.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html