Han-Wen Nienhuys <hanwenn@xxxxxxxxx> writes:
> However, it is probably pointless as long as strbuf_* functions do not
> signal OOM gracefully. There was some talk of libifying strbuf. Did
> that work include returning OOM error codes in case malloc returns
> null? A quick look at strbuf.h suggests not.
I would expect not.
The "libified" strbuf (aka "strbuf API in the Git std lib") will
have to be different from what we internally use from <strbuf.h>.
<gitstdlib/strbuf.h> will export gitstdlib_strbuf_addstr(), which is
"properly" libified and signals an allocation failure to its caller.
When that happens, I would expect that strbuf_addstr() would be a
thin wrapper around gitstdlib_strbuf_addstr(), and still just dies
with "we ran out of memory", i.e.
/* strbuf.h */
#include <strbuf.h>
#include <gitstdlib/strbuf.h>
void strbuf_addstr(struct strbuf *sb, const char *s)
{
int err = gitstdlib_strbuf_addstr(sb, s);
if (!err)
return; /* happy */
switch (err) {
case GITLIB_OOM: /* there may be others */
die("Out of memory");
...
}
}
which would keep the damage to Git codebase to the minimum when we
become the first client of the "Git std lib".
