[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] lib: extend ASSERT()

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Wed, 16 Feb 2022 09:46:59 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=enztSATIE0PNym+Bx0dO33uCIgY6HitJixLacRT1nfQ=; b=Jcw5mbp8OgM5+hOodEdFXVmgVsWJeWTutAVuE6Vkj51jUmE+CQKuVU1IqtHV1Vkt2ItYmdVnKaLXAwvoWam4Ki+KisHBRoXgYHUtAhYBpiqPkbwf7lnA6B3Wl0A12lnYRm84WcDb4mp9XZ0p2KxTpHJqHoOfO5PbSh9uFn0CziZEpaboH68jeIdeF+2wpJxdOaEDRDwJWmcKZNfMVyAM9zij+NN4vj+kQmVcvPyFSG4plVoxodLH/hV1uz7TnL325GW3Ig1C+mDZRFuiSfokXLTqJqIuI3sPvnYp83Kpf1IUCE+eFpNE2t14IVr72lXlv4hQ+af2z8/Lst5aa/ENNQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=OrHMiFH3dtrWS8QU1Irw2InPZzengRL2G28XTVEEcQT/le+SD4IYlM3nOrmK758pExR1mjj/fuALxi5DPTmj407J5UAxGACKvtDyt2ohLzL6ws96Ez+72e+Qa0o8NxOR8edD9nfunHjeic9NKiUhzwjT0J56HYhk4wPd9gfhQqPC16UeflgYSHJIm3aHVSwyaG8zHsc2EaYmL/0rhDFFhxWYfV/5/aQ2pZe6Htqt1fzyy5z8DSu7PdL1zoAAqMVfoP+ZbUSc0fIlAkm8X/TjVb5FAS1+Igtrtf1r3bHTDpMvn+BOem05pxbkggKtuo+s/41BFj7zEWARSNtVaxIGSA==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>
  • Delivery-date: Wed, 16 Feb 2022 09:47:16 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHYE4sUwaOwwc8tCU249z99fRIDqqyVNw0AgADQBoCAAAHjAIAABDoA
  • Thread-topic: [PATCH v2] lib: extend ASSERT()
Hi Jan,

> On 16 Feb 2022, at 09:31, Jan Beulich <jbeulich@xxxxxxxx> wrote:
> 
> On 16.02.2022 10:25, Bertrand Marquis wrote:
>> Hi Jan, Julien,
>> 
>>> On 15 Feb 2022, at 21:00, Julien Grall <julien@xxxxxxx> wrote:
>>> 
>>> (+ Bertrand)
>>> 
>>> Hi Jan,
>>> 
>>> On 27/01/2022 14:34, Jan Beulich wrote:
>>>> The increasing amount of constructs along the lines of
>>>>    if ( !condition )
>>>>    {
>>>>        ASSERT_UNREACHABLE();
>>>>        return;
>>>>    }
>>>> is not only longer than necessary, but also doesn't produce incident
>>>> specific console output (except for file name and line number).
>>> 
>>> So I agree that this construct will always result to a minimum 5 lines. 
>>> Which is not nice. But the proposed change is...
>>> 
>>>> Allow
>>>> the intended effect to be achieved with ASSERT(), by giving it a second
>>>> parameter allowing specification of the action to take in release builds
>>>> in case an assertion would have triggered in a debug one. The example
>>>> above then becomes
>>>>    ASSERT(condition, return);
>>>> Make sure the condition will continue to not get evaluated when just a
>>>> single argument gets passed to ASSERT().
>>>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
>>>> ---
>>>> v2: Rename new macro parameter.
>>>> ---
>>>> RFC: The use of a control flow construct as a macro argument may be
>>>>     controversial.
>>> 
>>> indeed controversial. I find this quite confusing and not something I would 
>>> request a user to switch to if they use the longer version.
>>> 
>>> That said, this is mainly a matter of taste. So I am interested to hear 
>>> others view.
>>> 
>>> I have also CCed Bertrand to have an opinions from the Fusa Group (I 
>>> suspect this will go backward for them).
>> 
>> Thanks and here is my feedback in regards to Fusa here.
>> 
>> Most certification standards are forbidding completely macros including
>> conditions (and quite a number are forbidding static inline with conditions).
>> The main reason for that is MCDC coverage (condition/decisions and not only
>> code line) is not possible to do anymore down to the source code and has to 
>> be
>> done down to the pre-processed code.
>> 
>> Out of Fusa considerations, one thing I do not like in this solution is the 
>> fact that
>> you put some code as parameter of the macro (the return).
>> 
>> To make this a bit better you could put the return code as parameter
>> instead of having “return CODE” as parameter.
> 
> Except that it's not always "return" what you want, and hence it
> can't be made implicit.

Then having code as parameter for a macro is really not nice I think.

> 
>> An other thing is that Xen ASSERT after this change will be quite different 
>> from
>> any ASSERT found in other projects which could make it misleading for 
>> developers.
>> Maybe we could introduce an ASSERT_RETURN macros instead of modifying the
>> behaviour of the standard ASSERT ?
> 
> Along the lines of the above, this would then mean a multitude of
> new macros.

Understood then my statement of Xen having an ASSERT different from any other 
known
assert still stands, this is no something I would vote for.
If you want to keep the code then maybe using ASSERT_ACTION or something like 
that 
and keep ASSERT being a standard assert would be a good idea.

Regards
Bertrand

> 
> Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.