On Mon, Aug 6, 2018 at 9:15 AM Johannes Schindelin
<johannes.schinde...@gmx.de> wrote:
> On Sun, 5 Aug 2018, Eric Sunshine wrote:
> > Although this appears to be a faithful translation of the assert() to
> > BUG(), as mentioned by Andrei in his review of 3/4, the existing
> > assert() seems to have an off-by-1 error, which means that the "> a"
> > here really ought to be ">= a".
>
> I think Andrei's assessment is wrong. The code could not test for that
> earlier, as it did allow ranges to become "abutting" in the process, by
> failing to merge them. So the invariant you talked about is more of an
> invariant for the initial state.

I'm having trouble interpreting your response.

My understanding is that range_set_append() is intended to be strict
by not allowing addition of a range which abuts an existing range
(although, of course, the assert() checks only the last range, so it's
not foolproof). Assuming that to be correct, then the assertion
contains an off-by-one error (according to my reasoning).

I'm sensing from your reply that you seem to have a different idea
about range_set_append()'s intended use.

> My 3/4 would make that invariant heeded throughout the process.
>
> I am still keen on keeping the invariants straight *without* resorting to
> dirty tricks like calling sort_and_merge. Calling that function would just
> make it easier for bugs to hide in this code.

Indeed, avoiding the "dirty trick" would be ideal, although, I still
haven't wrapped my head around it enough to be able to say whether the
computed offset, when applied to the range in question, could cause
that range to abut or overlap an existing range.

(There are, of course, valid uses for range_set_append_unsafe() /
sort_and_merge(), such as allowing -L options to overlap and be
specified in any order. Batch-adding them to the range-set via
range_set_append_unsafe() and letting sort_and_merge() sort them all
out is plenty sensible.)
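
The two append checks under discussion, and the batch-add-then-merge path, as a simplified model added here for illustration; it is not git's code or code from either poster. It assumes half-open ranges [start, end), and `append_checked`, its `strict` flag, and the fixed-size array are hypothetical.

```c
#include <stdlib.h>

#define MAX_RANGES 16
struct range { long start, end; };  /* assumption: half-open [start, end) */
struct range_set { struct range r[MAX_RANGES]; int nr; };

/* Unchecked append for batch adds; only the capacity is verified. */
static int append_unsafe(struct range_set *rs, long a, long b)
{
	if (rs->nr >= MAX_RANGES) return -1;
	rs->r[rs->nr].start = a;
	rs->r[rs->nr++].end = b;
	return 0;
}

/* Checked append (hypothetical helper). strict=0 rejects last.end > a (overlap
 * only); strict=1 rejects last.end >= a, so abutting ranges are refused too. */
static int append_checked(struct range_set *rs, long a, long b, int strict)
{
	if (rs->nr > 0) {
		long last_end = rs->r[rs->nr - 1].end;
		if (strict ? last_end >= a : last_end > a)
			return -1;
	}
	return append_unsafe(rs, a, b);
}

static int cmp_start(const void *x, const void *y)
{
	const struct range *p = x, *q = y;
	return (p->start > q->start) - (p->start < q->start);
}

/* Sort by start, then fold overlapping or abutting ranges; returns new count. */
static int sort_and_merge(struct range_set *rs)
{
	int i, o = 0;
	if (rs->nr == 0) return 0;
	qsort(rs->r, rs->nr, sizeof(rs->r[0]), cmp_start);
	for (i = 1; i < rs->nr; i++) {
		if (rs->r[i].start > rs->r[o].end)
			rs->r[++o] = rs->r[i];
		else if (rs->r[i].end > rs->r[o].end)
			rs->r[o].end = rs->r[i].end;
	}
	return rs->nr = o + 1;
}

int main(void) { struct range_set rs = {0}; append_unsafe(&rs, 5, 9); append_unsafe(&rs, 1, 5); return sort_and_merge(&rs) == 1 ? 0 : 1; }
```

With `strict=0` the set can hold [1,5) followed by [5,9) as two entries; with `strict=1` the second append is refused, and `sort_and_merge()` would fold the pair into [1,9).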
