Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758304AbXJXOC4 (ORCPT ); Wed, 24 Oct 2007 10:02:56 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1755336AbXJXOCs (ORCPT ); Wed, 24 Oct 2007 10:02:48 -0400 Received: from palinux.external.hp.com ([192.25.206.14]:57454 "EHLO mail.parisc-linux.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753993AbXJXOCs (ORCPT ); Wed, 24 Oct 2007 10:02:48 -0400 Date: Wed, 24 Oct 2007 08:02:46 -0600 From: Matthew Wilcox To: Florian Weimer Cc: torvalds@linux-foundation.org, akpm@linux-foundation.org, linux-kernel@vger.kernel.org, Matthew Wilcox Subject: Re: [PATCH 1/4] stringbuf: A string buffer implementation Message-ID: <20071024140246.GY27248@parisc-linux.org> References: <1193173966-3550-1-git-send-email-matthew@wil.cx> <87sl401we5.fsf@mid.deneb.enyo.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87sl401we5.fsf@mid.deneb.enyo.de> User-Agent: Mutt/1.5.13 (2006-08-11) Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1632 Lines: 39 On Wed, Oct 24, 2007 at 03:21:06PM +0200, Florian Weimer wrote: > > +struct stringbuf { > > + char *s; > > + int alloc; > > + int len; > > +}; > > I think alloc and len should be unsigned (including some return values > in the remaining patch). I don't. Strings should never be as long as 2GB. To put this in perspective, the *entire* Encyclopaedia Britannica (all 32 volumes) is estimated at being 1GB of text. While it would be a fair criticism that I haven't put a check for overrunning 2GB in the code, the implementation relies on a single continuous buffer from kmalloc, and that's currently limited to 33554432 bytes (32MB). I don't foresee kmalloc's maximum size going up by 7 orders of magnitude -- and if it did, fragmentation would prevent you from ever getting it. So, I might consider a change to set -E2BIG instead of -ENOMEM if we pass KMALLOC_MAX_SIZE, but I do think this criticism is rather straining at gnats. Also, 'alloc' can be an errno, and that is signalled by a negative number. Yes, we could do something like if (sb->alloc > (unsigned)-4095) like the mmap code does, but given the points above, it's just not worth doing. -- Intel are signing my paycheques ... these opinions are still mine "Bill, look, we understand that you're interested in selling us this operating system, but compare it to ours. We can't possibly take such a retrograde step." - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/