Wincent Colaiuta wrote:
As an example, do your safe API do null pointer checks. This is
because strcpy, strlen and the like don't, which is one of the reasons
why they are considered unsafe. But then, if you guarantee that you
are not passing a null pointer to one of these API, why take the hit
of the additional checks when you know that these are safe.
Do you really think that comparing a pointer to NULL is going to be a
speed hit? I would imagine that on most architectures it boils down to
one or two machine code instructions.
The question rather is, why should you bother comparing to a NULL pointer? To return an error (EINVAL?)? I'd rather have either a) the caller check or b) the process segfault. A segfault gives me a nice core file which I can use to hunt the bug.
I also don't see why not checking for NULL pointers is unsafe. Okay, maybe there are platforms out there which do not crash on a NULL pointer derefence, but I doubt these are consumers of git. All other platforms are safe by the implicit check of the MMU.
The worst thing is something like
if (ptr == NULL)
abort();
which only adds code (and thus needs maintenance), but no value whatsoever. Either the following code tolerates NULL pointers or it will crash and segfault, so why bother panicing before.
Of course I might be totally of track...
cheers
simon
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
