[PATCH 2/3] new: Add all initial tags at once
Carl Worth
cworth at cworth.org
Wed Jan 26 21:03:49 PST 2011
On Wed, 26 Jan 2011 17:52:53 +0100, Thomas Schwinge <thomas at schwinge.name> wrote:
> I do support the patch's idea (which was recently committed; and what
> follows in this message is not at all directed towards Michal, who wrote
> this patch) -- but what about return values checking? This is one aspect
> of the notmuch C code (which I generally consider to be nice to read and
> of high quality, as I said before already), that I consider totally
> lacking -- there are literally hundreds of C functions calls where the
> return values are just discarded. This is bad. For example (simulating
> a full disk):
>
> $ notmuch dump > /dev/full
> $ echo $?
> 0
All very well pointed out. This is clearly something we need to fix.
> Other languages have the concept of exceptions; C doesn't, so we're
> supposed to put some ``ABORT_IF_NOT_NOTMUCH_STATUS_SUCCESS(ret)''
> statements after each and every non-void (etc.) C function call. Or make
> the functions abort themselves (which is not a too good idea, as we
> surely agree). Or use a different programming language -- now, at the
> present state, it wouldn't be too painful to switch, in my opinion. (I
> won't suggest any specific language, though.)
I wouldn't have any problem with anyone re-implementing notmuch in some
other language than C. But that's not something I would be likely to
work on myself, I don't think.
> If staying with C (which I
> don't object, either), then this needs a whole code audit, and a lot of
> discipline in the future.
Even a code audit and developer discipline won't be enough here. We'll
still miss things.
What we need is exhaustive testing. A great approach is to take calls
like malloc, open, read, write, etc. and at each site, fork() and fail
the call along one path, (which should then exit with a failure), and
then let the other path continue.
Just a few hours ago I attended an interesting talk by Rusty Russell in
which he talks about a CCAN module he has written called failtest which
provides an implementation of this kind of testing.
I'd love to see something like that integrated with notmuch.
> Comments? (And I hope this doesn't sound too harsh :-) -- but it is a
> serious programming issue.)
Please don't apologize! It would be a shame if people didn't share
problems they notice in the code. Being able to hear those kinds of
things is one of the great benefits I get from publishing this code as
free software.
So, please, keep the suggestions coming!
-Carl
--
carl.d.worth at intel.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110127/bb600e96/attachment.pgp>
More information about the notmuch
mailing list