Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To me the problem lies in mixing error return codes with values. A better solution would be to change the signature of the function into:
int tsrb_get_one(tsrb_t *rb, char *dst)
. Also the same problem is otherwise withtsrb_get()
below.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I disagree with changing the signature of the API-facing
tsrb_get_one()
/tsrb_get()
. Rather,_pop()
's return value should just be cast tounsigned char
. Sincesizeof(unsigned char) < sizeof(int)
on all of our platforms, this is acceptable and does not mix error return codes with values.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this still looks wrong to me bc it uses
char
notunsigned char
when adding stuff also the buffer ischar
. It just does not look really (type) safe to me - I would useuint8_t
to make it explicit.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO casting to unsigned char is the best option here. It is what getchar is doing, so can be called ideomatic C.
Also we might get away with calling this a bugfix, as the documentation clearly states that it returns the byte as
>= 0
. Now that I think of it, the cast must have been my initial intention anyways.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In my opinion, we should focus on fixing the bug first, than we can discuss API changes for type safeness. The bug is fixable without an API change, so we should do that first, then do an API change if necessary. This not only makes the merge of this bug fix faster, but also allows for a better understanding of the thought process of the API change when looking at the code's history.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@smlng are you fine with this fix for now, and we revisit the API later?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, but it should not be that much later.
Another idea for a fix:
Documentation states, that this assumes a single producer and consumer scenario, right? So actually there is no need to return
-1
on error but rather change the function tochar tsrb_get_one()
and the consumer MUST calltsrb_empty
before access on its own otherwise the consumer might get an old/invalid value. This works because there is only one consumer hence there can be no other consumer manipulating thereads
.Still it might be sensible to change every
char
tounsigned char
anyway.