Tim Peters <t...@python.org> added the comment:
I agree there's pointless code now, but don't understand why the patch replaces it with mysterious asserts. For example, what's the point of this? assert(Py_SIZE(a) <= PY_SSIZE_T_MAX / sizeof(PyObject*)); assert(Py_SIZE(b) <= PY_SSIZE_T_MAX / sizeof(PyObject*)); The invariant that needs to be maintained is that the number of elements is no larger than PY_SSIZE_T_MAX, so the _relevant_ thing to assert is: assert(Py_SIZE(a) + Py_SIZE(b) <= PY_SSIZE_T_MAX); That in turn cries out for an explanation of why it must be true. The asserts actually in the patch are part of that explanation, but on their own appear to be coming from Mars. They're missing the conclusion, and rely on further unstated subtleties. Suggest adding a comment where the structs are defined, like: """ Note: Python's memory allocators return at most PY_SSIZE_T_MAX bytes. Therefore a vector of PyObject* can contain no more than PY_SSIZE_T_MAX / sizeof(PyObject*) elements. In particular, a PyObject* consumes at least 2 bytes, so a vector can contain no more than PY_SSIZE_T_MAX / 2 elements. Code freely relies on that. #if SIZEOF_VOID_P < 2 # error "size of pointer less than 2 bytes?!" #endif """ ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue34397> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
