Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer

[ Thread Index | Date Index | More lists.tuxfamily.org/hatari-devel Archives ]

To: hatari-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
From: Nicolas Pomarède <npomarede@xxxxxxxxxxxx>
Date: Tue, 12 May 2020 22:50:27 +0200

Le 11/05/2020 à 17:05, Eero Tamminen a écrit :

"Impossible things" shouldn't happen in Hatari's final releases ifthey've been properly tested,
so I think it's OK to disable asserts for them
(although I would prefer them being enabled
there also).

Hi

I agree that in a perfect world that would be the case, but bugs reportsover the year unfortunately show that users don't use devel/alpha/betaversion of hatari and that we don't have enough man power to go throughlots of games/demos testing before each release to ensure we don't haveregression or bugs or crashes.

Most of the time, we get valuables/reproducable bug reports once theversion is released (without assert() ). Not every bug in that case leadto a crash, but I'm afraid the user base of devel version is not largeenough to ensure "impossible things" have all been tested and won'thappen on the final release.

My point is more : each time there's a assert(), shouldn't we try toremove it by studying all entry points of the code with that assert andensure the cause is cured at the root ?

For example, in floppy.c there're some assert to ensure drive is not >=max_floppy_drive. Of course we shouldn't let that happen, but then weshould find all possible places where "drive" can be changed and fixthem once for all if needed.I mean why "drive" is tested with an assert and not "nHBL" or"cycles_per_line" or any variable that can index an array ? C is alanguage that allows directly accessing memory, it has its advantage butcan also lead to memory corruption. To avoid this, we should havequality code (which I think we have often).

I don't think assert() are a long time solution of "impossible thingsthat shouldn't happen but happen anyway". If they happen, then there's abug that can maybe be fixed by doing more in depth study of the code'slogic (as gcc 10 -fanalyzer is trying to do, with many false positive atthe moment).



Nicolas

Follow-Ups:
- Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Thomas Huth

References:
- [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Nicolas Pomarède
- Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Thomas Huth
- Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Eero Tamminen
- Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Nicolas Pomarède
- Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Thomas Huth
- Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Nicolas Pomarède
- Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
  - From: Eero Tamminen

Messages sorted by: [ date | thread ]
Prev by Date: Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
Next by Date: Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
Previous by thread: Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer
Next by thread: Re: [hatari-devel] fixing errors reported by GCC 10 -fanalyzer

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/