On Tue, Sep 27 2022, Derrick Stolee wrote:
> On 9/27/2022 7:38 AM, Derrick Stolee wrote:
>> On 9/26/2022 5:55 PM, Junio C Hamano wrote:
>>> "Derrick Stolee via GitGitGadget" <gitgitgadget@xxxxxxxxx> writes:
>>>
>>>> @@ -1538,11 +1546,23 @@ static int maintenance_unregister(int argc, const char **argv, const char *prefi
>>>> usage_with_options(builtin_maintenance_unregister_usage,
>>>> options);
>>>>
>>>> - config_unset.git_cmd = 1;
>>>> - strvec_pushl(&config_unset.args, "config", "--global", "--unset",
>>>> - "--fixed-value", "maintenance.repo", maintpath, NULL);
>>>> + for_each_string_list_item(item, list) {
>>>> + if (!strcmp(maintpath, item->string)) {
>>>> + found = 1;
>>>> + break;
>>>> + }
>>>> + }
>>>
>>> Just out of curiosity, I ran this in a fresh repository and got a
>>> segfault.
>>
>> Yikes! Thanks for catching. I think there was another instance in
>> the 'register' code that I caught by tests, but I appreciate you
>> catching this one.
>>
>>> An attached patch obviously fixes it, but I am wondering
>>> if a better "fix" is to teach for_each_string_list_item() that it is
>>> perfectly reasonable to see a NULL passed to it as the list, which
>>> is a mere special case that the caller has a string list with 0
>>> items on it.
>>>
>>> Thoughts?
>>
>> I agree that for_each_string_list_item() could handle NULL lists
>> better, especially because it looks like a method and hides some
>> details. Plus, wrapping the for-ish loop with an if statement is
>> particularly ugly.
> ...
>> I'll get a patch put together that changes the behavior of
>> for_each_string_list_item() and adds the missing 'unregister' test
>> so we can avoid this problem.
>
> Of course, there is a reason why we don't check for NULL here,
> and it's because -Werror=address complains when we use a non-pointer
> value in the macro:
>
> string-list.h:146:28: error: the address of ‘friendly_ref_names’ will always evaluate as ‘true’ [-Werror=address]
> 146 | for (item = (list) ? (list)->items : NULL; \
> |
>
> I tried searching for a way to suppress this error in a particular
> case like this (perhaps using something like an attribute?), but I
> couldn't find anything.
We discussed this exact issue just a few months ago, see:
https://lore.kernel.org/git/220614.86czfcytlz.gmgdl@xxxxxxxxxxxxxxxxxxx/
In general I don't think we should be teaching
for_each_string_list_item() to handle NULL.
Instead most callers that need to deal with a "NULL" list should
probably just use a list that's never NULL. See:
https://lore.kernel.org/git/220616.86bkuswuh5.gmgdl@xxxxxxxxxxxxxxxxxxx/
In this case however it seems perfectly reasonable to return a valid
pointer or NULL, and the function documents as much:
/**
* Finds and returns the value list, sorted in order of increasing priority
* for the configuration variable `key`. When the configuration variable
* `key` is not found, returns NULL. The caller should not free or modify
* the returned pointer, as it is owned by the cache.
*/
const struct string_list *git_config_get_value_multi(const char *key);
You also have code in 3/3 that uses that API in the correct way, I think
just adjusting this callsite in 1/3 would be the right move here.
This also gives the reader & compiler more information to e.g. eliminate
dead code. You're calling maintpath() unconditionally, but if you have
no config & the user provided --force we'll never end up using it, so we
can avoid allocating it in the first place.
