Drop booth_conf and a few other things #158
Conversation
nrwahl2
force-pushed
the
nrwahl2-poki
branch
from
f0212b5 to
4ddc817
Compare
|
Fixed a couple of issues, at least one more to fix |
nrwahl2
force-pushed
the
nrwahl2-poki
branch
from
a308f81 to
98596b6
Compare
| int site_index = 0; | ||
| time_t ts; | ||
|
|
||
| FOREACH_TICKET(conf, i, tk) { |
There was a problem hiding this comment.
Using foreach construct is for sure more readable than using C for simply because it adds higher level semantic, and it is nice abstraction well known to anybody who knows higher level languages and probably the reason why widely used C list implementations have some form of foreach abstraction. What if you decide one day there are deployments with too many tickets and find out simple list is too slow and hash table is needed? Then there will be need to change N for cycles instead of having nice abstraction and change only one of them.
There was a problem hiding this comment.
Thanks! I always welcome your perspective :)
Personally... I don't mind it at all in languages where foreach (or similar) is a native construct. I find these two macros really annoying, and they increase my cognitive load when looking at the code.
I would like it better if it were a function similar to g_list_foreach, which takes a GList and a function to apply to each member. Of course, that requires functionizing the body of each for loop.
Instead, this is a macro that takes the place of a for loop header and expects a statement after it to act as the body... but that statement isn't an argument and thus isn't part of the macro definition in any way. It feels awkward to me.
One of the most irritating aspects is that the loop counter variable and the data variable both have to be declared outside the scope of the loop. That's another thing that's not an issue with g_list_foreach(), etc.
But honestly, IMO for (int i = 0; i < some_var; i++) { ... } is extremely readable for any C programmer. We're not working with complicated loop headers here. They're as simple as can be.
There was a problem hiding this comment.
But honestly, IMO
for (int i = 0; i < some_var; i++) { ... }is extremely readable for any C programmer. We're not working with complicated loop headers here. They're as simple as can be.
I'm not saying it is not readable, I'm saying foreach is more readable and have foreach abstraction is worth to have, that's it.
There was a problem hiding this comment.
I find the existing FOREACH_TICKET/FOREACH_NODE macros significantly less readable than using explicit loop headers.
But in my other branch that has more queued commits, I've added booth__foreach_ticket(), booth__foreach_site(), etc., which apply a function to each item, similar to g_list_foreach as mentioned above. We have similar abstractions in Pacemaker (pe__foreach_bundle_replica(), pe__foreach_const_bundle_replica(), etc.). Hopefully that's something we can be happy with.
I took those changes out of this PR, to make review less daunting.
nrwahl2
changed the title
This aligns with the Pacemaker Development guide and makes it easier to locate a function's definition. I missed these inline functions as part of 6e2ca47. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
And make it an inline function. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Nothing uses it anymore. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
|
I've got a lot more commits queued up, but I've reduced this PR to being mostly for dropping |
These functions assert on memory allocation error, so they're guaranteed to return non-NULL. Signed-off-by: Reid Wahl <[email protected]>
We were assigning a possibly negative integer to rv, which is a cmd_result_t (an enum with minimum value 0). Coverity complained about potential underflow. [2025-11-20T15:41:08.642Z] /booth/src/attr.c:422: overflow_const: Expression "rv", where "send_header_plus(conf, fd, &hdr, data->str, data->len)" is known to be equal to -1, overflows the type of "rv", which is type "cmd_result_t". [2025-11-20T15:41:08.642Z] /booth/src/attr.c:424: path: Condition "data", taking true branch. [2025-11-20T15:41:08.642Z] /booth/src/attr.c:425: path: Condition "1", taking true branch. [2025-11-20T15:41:08.642Z] /booth/src/attr.c:425: path: Condition "1 /* !0 */", taking true branch. [2025-11-20T15:41:08.642Z] /booth/src/attr.c:428: return_overflow: "rv", which might have overflowed, is returned from the function. Also, g_string_sized_new() asserts on memory allocation failure, so we can safely assume that it returns non-NULL. Signed-off-by: Reid Wahl <[email protected]>
Some of these don't do anything except return rv. Also don't guard freeing a NULL pointer. Signed-off-by: Reid Wahl <[email protected]>
|
Satisfy Coverity with "Return correct type" commit (plus two other minor ones) |
Signed-off-by: Reid Wahl <[email protected]>
Coverity complained: [2025-11-20T15:41:08.642Z] /booth/src/main.c:357: tainted_data_return: Called function "read(fd, conf->authkey, 64UL)", and a possible return value may be less than zero. [2025-11-20T15:41:08.642Z] /booth/src/main.c:357: cast_overflow: An assign that casts to a different type, which might trigger an overflow. [2025-11-20T15:41:08.642Z] /booth/src/main.c:359: overflow_sink: "conf->authkey_len", which might be negative, is passed to "trim_key(conf)". [2025-11-20T15:41:08.642Z] /booth/src/main.c:313: loop_bound_upper: Using tainted expression "conf->authkey_len" as a loop boundary. Signed-off-by: Reid Wahl <[email protected]>
It was unused. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
|
Turns out some of the "unrelated" commits that I had in the first iteration of this PR, were there for a reason :/ I've added more of them again, because Coverity is once again complaining. |
2 participants
Working on #82.