"阿德烈 via GitGitGadget" <gitgitgadget@xxxxxxxxx> writes: > From: ZheNing Hu <adlternative@xxxxxxxxx> > > the usage in strbuf.h tell us"Alloc is somehow a > "private" member that should not be messed with. > use `strbuf_avail()`instead." When we use the word "private", it generally means it is private to the implementation of the API. IOW, it is usually fine for the implementation of the API (i.e. for strbuf API, what you see in strbuf.c) to use private members. In any case, these changes are _not_ optimizations. Replacing (alloc - len - 1) with strbuf_avail() is at best an equivalent rewrite (which is a good thing from readability's point of view, but not an optimization). We know sb->alloc during the loop is never 0, but the compiler may miss the fact, so the inlined implementation of _avail, i.e. static inline size_t strbuf_avail(const struct strbuf *sb) { return sb->alloc ? sb->alloc - sb->len - 1 : 0; } may not incur call overhead, but may be pessimizing the executed code. If you compare the code in the loop in the second hunk below with what _setlen() does, I think you'll see the overhead of _setlen() relative to the original code is even higher, so it may also be pessimizing, not optimizing. So, overall, I am not all that enthused to see this patch. One thing I noticed is that, whether open coded like sb->len += got or made into parameter to strbuf_setlen(sb, sb->len + got), we are not careful about sb->len growing too large and overflowing with the addition. That may potentially be an interesting thing to look into, but at the same time, unlike the usual "compute the number of bytes we need to allocate and then call xmalloc()" pattern, where we try to be careful in the "compute" step by using st_add() macros, this code actually keep growing the buffer, so by the time the size_t overflows and wraps around, we'd certainly have exhausted the memory already, so it won't be an issue. But we may want to audit existing code that is not careful when preparing the second parameter to strbuf_setlen(). We just analyzed, if we were to accept this patch, that "sb->len + got" that appear as the second parameter to new call of strbuf_setlen() looks bad but would not matter in practice, but we may not be so lucky in other places. Thanks for a food for thought. > diff --git a/strbuf.c b/strbuf.c > index e3397cc4c72..76f560a28d0 100644 > --- a/strbuf.c > +++ b/strbuf.c > @@ -517,7 +517,7 @@ ssize_t strbuf_read(struct strbuf *sb, int fd, size_t hint) > > strbuf_grow(sb, hint ? hint : 8192); > for (;;) { > - ssize_t want = sb->alloc - sb->len - 1; > + ssize_t want = strbuf_avail(sb); > ssize_t got = read_in_full(fd, sb->buf + sb->len, want); > > if (got < 0) { > @@ -527,7 +527,7 @@ ssize_t strbuf_read(struct strbuf *sb, int fd, size_t hint) > strbuf_setlen(sb, oldlen); > return -1; > } > - sb->len += got; > + strbuf_setlen(sb, sb->len + got); > if (got < want) > break; > strbuf_grow(sb, 8192); > @@ -543,7 +543,7 @@ ssize_t strbuf_read_once(struct strbuf *sb, int fd, size_t hint) > ssize_t cnt; > > strbuf_grow(sb, hint ? hint : 8192); > - cnt = xread(fd, sb->buf + sb->len, sb->alloc - sb->len - 1); > + cnt = xread(fd, sb->buf + sb->len, strbuf_avail(sb)); > if (cnt > 0) > strbuf_setlen(sb, sb->len + cnt); > else if (oldalloc == 0) > > base-commit: 6d3ef5b467eccd2769f1aa1c555d317d3c8dc707