From: Junio C Hamano <gitster@pobox.com>
To: "Elijah Newren via GitGitGadget" <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, Elijah Newren <newren@gmail.com>
Subject: Re: [PATCH 2/3] ci: add build checking for side-effects in assert() calls
Date: Thu, 13 Mar 2025 18:06:21 -0700 [thread overview]
Message-ID: <xmqqy0x8l8tu.fsf@gitster.g> (raw)
In-Reply-To: <80dcc2ba3aa0ef72abe18f8525d571ea39ac6382.1741911652.git.gitgitgadget@gmail.com> (Elijah Newren via GitGitGadget's message of "Fri, 14 Mar 2025 00:20:51 +0000")
"Elijah Newren via GitGitGadget" <gitgitgadget@gmail.com> writes:
> +make CHECK_ASSERTION_SIDE_EFFECTS=1 >compiler_output 2>compiler_error
> +if test $? != 0
> +then
> + echo "ERROR: The compiler could not verify the following assert()" >&2
> + echo " calls are free of side-effects. Please replace with" >&2
> + echo " BUG_IF_NOT() calls." >&2
> + grep undefined.reference.to..not_supposed_to_survive compiler_error \
> + | sed -e s/:[^:]*$// | sort | uniq | tr ':' ' ' \
> + | while read f l
A few style guides:
- doing multiple echo into the same descriptor is easier to read if
you have redirection near the beginning, i.e.
echo >&2 "message one"
echo >&2 "message two that may way be longer than the previous"
ehco >&2 "message three"
- multi-line pipelines are easier to follow without backslash by
ending the previous line with a '|', i.e.
grep ... file |
sed -e ... |
while read file line
do
...
- I thought our "one indent one tab" standard extends to shell
scripts as well?
> diff --git a/git-compat-util.h b/git-compat-util.h
> index c3415ad7e0a..0aefd763751 100644
> --- a/git-compat-util.h
> +++ b/git-compat-util.h
> @@ -1584,4 +1584,10 @@ static inline void *container_of_or_null_offset(void *ptr, size_t offset)
> ((uintptr_t)&(ptr)->member - (uintptr_t)(ptr))
> #endif /* !__GNUC__ */
>
> +#ifdef CHECK_ASSERTION_SIDE_EFFECTS
> +#undef assert
> +extern int not_supposed_to_survive;
> +#define assert(expr) ((void)(not_supposed_to_survive || (expr)))
> +#endif /* CHECK_ASSERTION_SIDE_EFFECTS */
Cute. As this checking assert is in void context, the optimizing
compiler knows that the entire thing can be optimized away ONLY IF
it can somehow prove that (expr) has no side effect. And if it does
not optimize it away, you will hit an error from the linker, saying
that the undefined variable is being used.
This requires a fairly good optimizing compiler that can peek into
(as in "inline") what is in expr to notice, so it cannot be free of
false positive, but at least when the optimization works as expected,
it is provably (modulo optimizer bugs) side-effect free.
Is this something we can use in our project? I am just double
checking.
Thanks.
next prev parent reply other threads:[~2025-03-14 1:06 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-14 0:20 [PATCH 0/3] Add a static analysis job to prevent assertions with side effects Elijah Newren via GitGitGadget
2025-03-14 0:20 ` [PATCH 1/3] git-compat-util: introduce BUG_IF_NOT() macro Elijah Newren via GitGitGadget
2025-03-14 0:20 ` [PATCH 2/3] ci: add build checking for side-effects in assert() calls Elijah Newren via GitGitGadget
2025-03-14 1:06 ` Junio C Hamano [this message]
2025-03-14 1:18 ` brian m. carlson
2025-03-14 1:20 ` Junio C Hamano
2025-03-14 1:27 ` Elijah Newren
2025-03-14 17:29 ` Junio C Hamano
2025-03-16 6:38 ` Elijah Newren
2025-03-17 15:45 ` Elijah Newren
2025-03-17 22:27 ` Junio C Hamano
2025-03-14 0:20 ` [PATCH 3/3] treewide: replace assert() with BUG_IF_NOT() in special cases Elijah Newren via GitGitGadget
2025-03-16 6:41 ` [PATCH v2 0/3] Add a static analysis job to prevent assertions with side effects Elijah Newren via GitGitGadget
2025-03-16 6:42 ` [PATCH v2 1/3] git-compat-util: introduce BUG_IF_NOT() macro Elijah Newren via GitGitGadget
2025-03-17 22:33 ` Junio C Hamano
2025-03-17 22:36 ` Taylor Blau
2025-03-16 6:42 ` [PATCH v2 2/3] ci: add build checking for side-effects in assert() calls Elijah Newren via GitGitGadget
2025-03-17 22:30 ` Taylor Blau
2025-03-19 16:21 ` Elijah Newren
2025-03-19 22:26 ` Taylor Blau
2025-03-17 22:37 ` Junio C Hamano
2025-03-16 6:42 ` [PATCH v2 3/3] treewide: replace assert() with BUG_IF_NOT() in special cases Elijah Newren via GitGitGadget
2025-03-17 22:33 ` Taylor Blau
2025-03-17 22:34 ` [PATCH v2 0/3] Add a static analysis job to prevent assertions with side effects Taylor Blau
2025-03-19 16:22 ` [PATCH v3 " Elijah Newren via GitGitGadget
2025-03-19 16:22 ` [PATCH v3 1/3] git-compat-util: introduce ASSERT() macro Elijah Newren via GitGitGadget
2025-03-19 16:22 ` [PATCH v3 2/3] ci: add build checking for side-effects in assert() calls Elijah Newren via GitGitGadget
2025-03-19 16:22 ` [PATCH v3 3/3] treewide: replace assert() with ASSERT() in special cases Elijah Newren via GitGitGadget
2025-03-19 22:27 ` Taylor Blau
2025-03-19 22:27 ` [PATCH v3 0/3] Add a static analysis job to prevent assertions with side effects Taylor Blau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqy0x8l8tu.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=newren@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).