[Dev] Asserts? (was: RE: Keyboard issues with Weston and AGL application suite)

Frederico Cadete Frederico.Cadete at awtce.be
Fri Oct 16 08:38:22 GMT 2015


genivi-projects-bounces at lists.genivi.org wrote on 10/16/2015 10:10:41 AM:

> From: "Andersson, Gunnar" <gunnar.x.andersson at volvocars.com>
> To: Derek Foreman <derekf at osg.samsung.com>, "dev at lists.tizen.org"
> <dev at lists.tizen.org>, "ivi at lists.tizen.org" <ivi at lists.tizen.org>,
> "genivi-projects at lists.genivi.org" <genivi-
> projects at lists.genivi.org>, "automotive-
> discussions at lists.linuxfoundation.org" <automotive-
> discussions at lists.linuxfoundation.org>, Leon Anavi
<leon.anavi at konsulko.com>
> Date: 10/16/2015 10:11 AM
> Subject: RE: Asserts? (was: RE: Keyboard issues with Weston and AGL
> application suite)
> Sent by: genivi-projects-bounces at lists.genivi.org
>
> A more general follow-up
>
> Is there any tool that can instrument C-code to introduce null-
> pointer checks, say for a subset, like all pointer accesses within
> the relatively complex structure datatype used in the example below?

I think modern compiler's address sanitizer will catch that, plus
other interesting memory access bugs.
https://en.wikipedia.org/wiki/AddressSanitizer
I've heard suggestions to use this in test setups. It is probably
too much performance overhead to use in production.

>
> Surprisingly I received several personal replies - AFAICT no mailing
> list on CC?
> Public thanks here to those of you who chose to answer off-list.
> (And if it was not deliberate, feel free to post your email and my
response)

Not deliberate. Just my usual issues with mutt's "UI".
Here's me giving up and using an email client for humble people:

"Andersson, Gunnar" <gunnar.x.andersson at volvocars.com> wrote on 10/16/2015
10:10:41 AM:
> From: "Andersson, Gunnar" <gunnar.x.andersson at volvocars.com>
> To: Frederico Cadete <frederico.cadete at awtce.be>
> Date: 10/16/2015 10:10 AM
> Subject: RE: [agl-discussions] Asserts? (was: RE: Keyboard issues
> with Weston and AGL application suite)
>
> Hi Frederico!
>
> >From: Frederico Cadete [mailto:frederico.cadete at awtce.be]
> >Sent: den 15 oktober 2015 18:47
> >To: Andersson, Gunnar
> >Subject: Re: [agl-discussions] Asserts? (was: RE: Keyboard issues
> with Weston and AGL application suite)
> >
> >On Thu, Oct 15, 2015 at 04:26:05PM +0000, Andersson, Gunnar wrote:
...
> >>
> >> So, opinion question... why do people not use asserts?   Is it not a
> >> worthwhile trade-off?
> >
> >In my humble and very gratuitous opinion:
> >
> >Asserts should only be kept in production code when they check
> >irrecoverable logical preconditions for the code that follows.
>
> Yep.
>
> >If it's for checking non-NULL pointers, well, SIGSEGV aborts as well as
an
> >assert, and does not pollute my code source. Granted, SIGSEGV will not
> >tell you where it triggered, but in a development environment that's
> >easily found with gdb.
>
> I think you are right - developers need a reasonable debugger setup
anyhow.
>
> >In production it's harder.
> >
> >For the specific case in point, the policy of not asserting every
pointer
> >dereference in the code base seems sane to me. Asserts and pointer
checks
> >should be done when the NULL pointer has a logical meaning.
>
> Agree with you for pointer checks.  But if it is expected that it
> can be NULL I suppose you do an explicit if statement, not an assert?
> For me asserts are more for "this should never happen" (well strictly
> speaking they say the opposite - "this should always be true")
>
> >
> >In this case the pointer check was added when it was recognized that the
> >NULL pointer could validly happen. The developer decided to just call
> >return, failing more graciously than an assert. End result is better.
>
> Of course, as I said, I think the bug fix is absolutely correct.  Any
> asserting would have happened earlier.  I was wondering if it would have
> been a worthwhile tradeoff to do it earlier.  A certain amount of time
was
> spent finding where the error was.   The reporter did not have enough
> knowledge to find/fix it himself but maybe with an assert showing the
file
> and line, he could have. These are just the things I was thinking about,
> and I can imagine it is not a worthwhile tradeoff.
>
> >
> >TLDR: I prefer to crash, debug and fix, because the alternative is
> >spamming asserts.
>
> Got it, and this is the kind of understanding I wanted - what other
> Developers prefer and have found is the best way.
>
> >
> >Regards,
> >Frederico

>
> -----Original Message-----
> From: genivi-projects-bounces at lists.genivi.org [mailto:genivi-
> projects-bounces at lists.genivi.org] On Behalf Of Derek Foreman
> Sent: den 15 oktober 2015 19:22
> To: Andersson, Gunnar; dev at lists.tizen.org; ivi at lists.tizen.org;
> genivi-projects at lists.genivi.org; automotive-
> discussions at lists.linuxfoundation.org; Leon Anavi
> Subject: Re: Asserts? (was: RE: Keyboard issues with Weston and AGL
> application suite)
>
> On 15/10/15 11:26 AM, Andersson, Gunnar wrote:
> > This is not really on topic...
> >
> > But seeing this issue just reminds me of a question that nags me.
> >
> > Why do people not use asserts in most projects?   Is it considered
> > to be ugly noise, is it not "cool" to use them, ... or what?
> >
> > It's just that in a line like the original one (this is just an
example)
> >
> >    &context->input_method->seat->keyboard->input_method_grab;
> >
> > at least my brain *cannot* avoid asking if every pointer is valid...
> [trimmed]
>
> _______________________________________________
> genivi-projects mailing list
> genivi-projects at lists.genivi.org
> https://lists.genivi.org/mailman/listinfo/genivi-projectsThis mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient, please note that any review, dissemination, disclosure, alteration, printing, copying or transmission of this mail and/or any file transmitted with it, is strictly prohibited and may be unlawful. If you have received this mail by mistake, please immediately notify the sender as well as our mail administrator at postmaster at aweurope.be, and permanently destroy the original as well as any copy thereof.  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tizen.org/pipermail/dev/attachments/20151016/1f789c94/attachment-0001.html>


More information about the Dev mailing list