On Wed, Jul 8, 2015 at 10:18 PM, Noah Misch <n...@leadboat.com> wrote:
> One function had a comment explaining its workaround for an OS bug, while
> another function ignored the same bug. That is always a defect in the
> comments at least; our code shall tell a uniform story about its API
> assumptions. I started this thread estimating that it would end with me
> merely deleting the comment. Thomas Munro and Tom Lane located evidence I
> hadn't found, evidence that changed the conclusion.

That seems very reasonable. I noticed that you removed the glibc strxfrm() comment (or at least the questioning of its behavior), which was a good decision.

>> When you have to worry about a standard library function
>> blithely writing past the end of a buffer, when its C89 era interface
>> must be passed the size of said buffer, where does it end?
>
> Don't worry about the possibility of such basic bugs until someone reports
> one. Once you have such a report, though, assume the interface behaves as
> last reported until you receive new evidence. We decide whether to work
> around such bugs based on factors like prevalence of affected systems,
> simplicity of the workaround, and ease of field diagnosis in the absence of
> the workaround.

I must admit that I was rather surprised that more or less the same blitheness about writing past the end of a buffer occurred a second time in an apparently independent standard library implementation. I think that illustrates your point well.

Thanks
--
Peter Geoghegan

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers