This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Change some arguments to gdb::string_view instead of name+len

From: "Christian Biesinger via gdb-patches" <gdb-patches at sourceware dot org>
To: Pedro Alves <palves at redhat dot com>, Tom Tromey <tom at tromey dot com>
Cc: gdb-patches <gdb-patches at sourceware dot org>
Date: Wed, 2 Oct 2019 13:44:08 -0500
Subject: Re: [PATCH] Change some arguments to gdb::string_view instead of name+len
References: <CAPTJ0XF0=Kc1ZGLtLnfU4PnSkiUYDF47g7KafGm1JPCXt_7YTw@mail.gmail.com> <20191001173345.48753-1-cbiesinger@google.com> <d1b65927-0e75-523d-fde2-330adf682114@redhat.com> <CAPTJ0XHCohWOX-XR1MLT6BWSF7wHv6uCXyiqQqCoGO+uZftSGA@mail.gmail.com> <b96e101c-37d3-c5f0-dbe3-9ac89c61e805@redhat.com> <CAPTJ0XFhQb2XZOf_rFHp1A0bF62uks3Ld4B14+LOwuoPS1q_jw@mail.gmail.com> <b034f2ae-f36a-5652-9782-b3cdf71e9a39@redhat.com>
Reply-to: Christian Biesinger <cbiesinger at google dot com>

On Wed, Oct 2, 2019 at 9:45 AM Pedro Alves <palves@redhat.com> wrote:
>
> On 10/1/19 8:29 PM, Christian Biesinger wrote:
> > On Tue, Oct 1, 2019 at 2:10 PM Pedro Alves <palves@redhat.com> wrote:
>
> >> I wonder then, I assume that the caller up the stack should know whether
> >> the string was originally null terminated?  I wonder about tweaking the
> >> interface to pass that info down somehow.
> >
> > Actually, let me come at this from a different direction...
> >
> > I looked at all the callers. In every case, they either passed a
> > nullterminated string or a substring of an existing string. In other
> > words, accessing name[length] was always valid, even if the
> > string_view wasn't nullterminated.
> >
> > In light of that, how do you feel about just documenting that callers
> > have to pass a string view where accessing [length] is guaranteed not
> > to be an invalid memory access?
>
> My feeling is that one of the points of vocabulary types like string_view is
> that you replace documentation with rules or contracts enforced by, or
> encoded in the types.  To me, it feels like a bit of a hack or design issue that
> we switch to string_view while at the same time, find that we need to step
> outside its contract.  A char * pointer is low level and as such forces
> you into a "what exactly am I allowed to pass here?" mind state, while
> a string_view has a contract that people should just be able to
> assume.
>
> OTOH, I don't feel that strongly about this case, there are
> certainly bigger fish to fry!
>
> So I guess I'll be happy with just documenting.  But
> please don't take that as approval.  I'd rather defer to Tromey,
> since he had started the review, and I haven't even looked at the
> whole patch in detail.

tromey -- any thoughts on this? As I see it, the two options are:
- Always alloca+strcpy (ought to be fairly cheap)
- Document that accessing .data()[length] must be valid

(or make bfd_demangle take a length, but that doesn't seem realistic)


Christian

References:
- Re: [PATCH v4] Change some arguments to gdb::string_view instead of name+len
  - From: Christian Biesinger via gdb-patches
- [PATCH] Change some arguments to gdb::string_view instead of name+len
  - From: Christian Biesinger via gdb-patches
- Re: [PATCH] Change some arguments to gdb::string_view instead of name+len
  - From: Pedro Alves
- Re: [PATCH] Change some arguments to gdb::string_view instead of name+len
  - From: Christian Biesinger via gdb-patches
- Re: [PATCH] Change some arguments to gdb::string_view instead of name+len
  - From: Pedro Alves
- Re: [PATCH] Change some arguments to gdb::string_view instead of name+len
  - From: Christian Biesinger via gdb-patches
- Re: [PATCH] Change some arguments to gdb::string_view instead of name+len
  - From: Pedro Alves

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]