Hi Junio,
first of all: Kevin & I are colleagues and I helped prepare this patch
series. I had the idea to have a two-level patch ID to help e.g. when an
alternate object store is hosted on a (slow) network drive.
On Fri, 29 Jul 2016, Junio C Hamano wrote:
> Kevin Willford <kcwillford@xxxxxxxxx> writes:
>
> > struct patch_id *add_commit_patch_id(struct commit *commit,
> > struct patch_ids *ids)
> > {
> > - return add_commit(commit, ids, 0);
> > + struct patch_id *key = xcalloc(1, sizeof(*key));
> > +
> > + if (init_patch_id_entry(key, commit, ids)) {
> > + free(key);
> > + return NULL;
> > + }
>
> This is a tangent, but this made me wonder if it is safe to simply
> free(3) the result of calling hashmap_entry_init() which is called
> in init_patch_id_entry(). It would obviously become a resource
> leak, if a hashmap_entry (which the api documentation says is "an
> opaque structure") holds any allocated resource.
It would be a serious bug if hashmap_entry_init() played games with
references, given its signature (that this function does not have any
access to the hashmap structure, only to the entry itself):
void hashmap_entry_init(void *entry, unsigned int hash)
Please note that the `void *entry` really needs to point to a struct whose
first field is of type `struct hashmap_entry`. This is not type-safe, of
course, but C does not allow a strong sub-typing of the kind we want to
use here.
> The fact that hashmap_entry_init() is there but there is no
> corresponding hashmap_entry_clear() hints that there is nothing to
> be worried about and I can see from the implementation of
> hashmap_entry_init() that no extra resource is held inside, but an
> API user should not have to guess. We may want to do one of the two
> things:
>
> * document that an embedded hashmap_entry does not hold any
> resource that need to be released and it is safe to free the user
> structure that embeds one; or
>
> * implement hashmap_entry_clear() that currently is a no-op.
Urgh. The only reason we have hashmap_entry_init() is that we *may* want
to extend `struct hashmap_entry` at some point. That is *already*
over-engineered because that point in time seems quite unlikely to arrive,
like, ever.
In that light, as you said, why would we overengineer things even further
by introducing a hashmap_entry_clear(), especially given that we won't
catch any forgotten _clear() calls, given that it is a no-op anyway?
Let's just not.
Ciao,
Dscho
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html