[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] lib: extend ASSERT()


  • To: George Dunlap <George.Dunlap@xxxxxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Wed, 16 Feb 2022 13:57:29 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=x99K0ND1sSpv+9jO4RTCV6C3fUnM6g2czl+uqfGJaVQ=; b=oIOq6/FGxuAYy1xLTz+b+PScYusCVYXS5QwXB/0b0MrQJEf/FCHXYojlxWQBO/kl4oCR+oqICzB8D9c3kNgiVsDKqmH1tXgBM3jzzcQ7X4Nr9LpXe9odb4xNVQhNqwAHJkcc2aHIH6wnK+9GW1ZWIJvmnLIuVKvqCrk+IRaCx7vswhd6oLHpdVb+G67yQ12VjYiV8k2d9XpDQFnWUUMH1qtqx2zEqYDfFHkL1lno+A2ftB1Upiyyy68f4340iFWLCwvn7P1/AX0DsDVfiolNrrmbxGMZIOi62b09pi/rHEYZtlbcU5Y3FWHMav7h3fVtkfkhXiWOITMIAASKDKdN1w==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kycm7BB/GsMQppyRFOd87zF8h1hA6TrQPho24T9O02/c8PJvyK1uad+xaWx4xVWCtYaW/odpios6+hT1/41rd2rsb0yo1xL2xE6ptwiUw3iJxx2DAdM1K4tZ9e5J5A2/DBcGn4RjfdBjy8mnE71QxoaIuKGxVxCxpvKl8zzQcqrrkxWJzQ59YgXWc9KQOta+ctCzUz4iHPigDSqTCB8LMhn798+/mBR6SMFjcsBUpRPR6bMl9K008uY897WT3DBBvQS0q7yhil0j50f30NO5k8GgYrNAVGxMeHdBN/CWkqK9mayxoZhQNQ8Z6vaJkEajqC++ABOcAmCJNlXYNdbHXw==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>
  • Delivery-date: Wed, 16 Feb 2022 13:58:00 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHYE4sUwaOwwc8tCU249z99fRIDqqyVNw0AgADQBoCAAAHjAIAAIjuAgAACWYCAAAt3gIAAGi0A
  • Thread-topic: [PATCH v2] lib: extend ASSERT()

Hi,

> On 16 Feb 2022, at 12:23, George Dunlap <George.Dunlap@xxxxxxxxxx> wrote:
> 
> 
> 
>> On Feb 16, 2022, at 11:42 AM, Jan Beulich <jbeulich@xxxxxxxx> wrote:
>> 
>> On 16.02.2022 12:34, George Dunlap wrote:
>> 
>>> I am opposed to overloading “ASSERT” for this new kind of macro; I think it 
>>> would not only be unnecessarily confusing to people not familiar with our 
>>> codebase, but it would be too easy for people to fail to notice which macro 
>>> was being used.
>>> 
>>> ASSERT_ACTION(condition, code) (or even ASSERT_OR_ACTION()) would be a bare 
>>> minimum for me.
>>> 
>>> But I can’t imagine that there are more than a handful of actions we might 
>>> want to take, so defining a macro for each one shouldn’t be too burdensome.
>>> 
>>> Furthermore, the very flexibility seems dangerous; you’re not seeing what 
>>> actual code is generated, so it’s to easy to be “clever”, and/or write code 
>>> that ends up doing something different than you expect.
>>> 
>>> At the moment I think ASSERT_OR_RETURN(condition, code), plus other new 
>>> macros for the other behavior is needed, would be better.
>> 
>> Hmm, while I see your point of things possibly looking confusing or
>> unexpected, something like ASSERT_OR_RETURN() (shouldn't it be
>> ASSERT_AND_RETURN()?) is imo less readable. In particular I dislike
>> the larger amount of uppercase text. But yes, I could accept this
>> as a compromise as it still seems better to me than the multi-line
>> constructs we currently use.
> 
> I see what you’re saying with AND/OR; I personally still prefer OR but 
> wouldn’t argue to hard against AND if others preferred it.
> 
> As far as I’m concerned, the fact that we’re reducing lines of code isn’t a 
> reason to use this at all.  As our CODING_STYLE says, ASSERT() is just a 
> louder printk.  We would never consider writing PRINTK_AND_RETURN(), and we 
> would never consider writing a macro like CONDRET(condition, retval) to 
> replace
> 
> if (condition)
>    return retval;
> 
> The only justification for this kind of macro, in my opinion, is to avoid 
> duplication errors; i.e. replacing your code segment with the following:
> 
> if (condition) {
>    ASSERT(!condition);
>    return foo;
> }
> 
> is undesirable because there’s too much risk that the conditions will drift 
> or be inverted incorrectly. But having control statements like ‘return’ and 
> ‘continue’ in a macro is also undesirable in my opinion; I’m personally not 
> sure which I find most undesirable.
> 
> I guess one advantage of something like ASSERT_OR(condition, return foo); or 
> ASSERT_OR(condition, continue); is that searching for “return” or “continue” 
> will come up even if you’re doing a case-sensitive search.  But I’m still 
> wary of unintended side effects.
> 
> Bertrand / Julien, any more thoughts?

I think that having macros which are magic like that one which includes a 
possible return and the fact that the macro is taking code as argument is 
making the code really hard to read and understand for someone not knowing this.
Even the code is longer right now, it is more readable and easy to understand 
which means less chance for errors so I do not think the macro will avoid 
errors but might in fact introduce some in the future.

So I am voting to keep the current macro as it is.

Bertrand

> 
> -George


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.