include/ceph_assert: disable with NDEBUG#60160
include/ceph_assert: disable with NDEBUG#60160MaxKellermann wants to merge 1 commit intoceph:mainfrom
Conversation
"ceph API tests" failure apparently not related to this PR. |
This makes ceph_assert() behave like the standard C assert() macro: in release builds (with `-DNDEBUG`), assertions should be compiled out, leaving no overhead. This reduces the code size of `ceph-mds` (static build including `libceph-common`) by 550 kB. Signed-off-by: Max Kellermann <[email protected]>
MaxKellermann
force-pushed
the
assert_ndebug
branch
from
42d46de to
912be7c
Compare
|
|
||
| #ifdef __SANITIZE_ADDRESS__ | ||
| #ifdef NDEBUG | ||
| #define ceph_assert(expr) do {} while (false) |
There was a problem hiding this comment.
This is a huge change. Many years ago there was an idea to replace the important occurrences of ceph_assert() with ceph_assert_always() and compile-out everything else for production builds. The problem is of course in judging what's essential across the entire code-base.
If you want to resurrect the effort, I would propose to bring the topic to next Ceph Development Montly meeting.
How much of CPU overhead does this squeeze?
There was a problem hiding this comment.
I havn't isolated this patch in my measurements, but I think it's a small piece. Most users can probably afford it, but we at IONOS have serious performance problems with the MDS, so we want to squeeze out every bit we can (and we will leave patches that are not accepted upstream in our private fork).
I do however not get the point of ceph_assert_always() - by design, assertions are only for detecting bugs in debug builds - is this for people not confident enough in their code, and they still think they need guaranteed assertions in release builds? Why not regular runtime checks? (I'm not a fan of redundant runtime checks either. Get the code right, verify it with fine-grained unit tests, and remove all the unnecessary checks at release-runtime.)
There was a problem hiding this comment.
I havn't isolated this patch in my measurements, but I think it's a small piece.
I share this intuition on the CPU overhead.
I don't see benefit in optimizing the size of the executable as most of the asserts' code already is (IIRC; "should be" for sure) in cold sections, so they shouldn't inflict a cost even in terms of memory but just address space.
I do however not get the point of
ceph_assert_always()
Yeah, the effort to differentiate the asserts is long dead. Perhaps we should say this explicitly and switch everybody to ceph_assert().
by design, assertions are only for detecting bugs in debug builds - is this for people not confident enough in their code, and they still think they need guaranteed assertions in release builds?
Hah, I don't think a programmer should be confident enough till having a mathematical proof of correctness.
Why not regular runtime checks? (I'm not a fan of redundant runtime checks either.
What do you mean by regular run-time checks? Sanitizers?
Get the code right, verify it with fine-grained unit tests, and remove all the unnecessary checks at release-runtime.)
These assertions saved me so much investigation time in the wild that I really appreciate their presence in productions builds. As there is no clear evidence of high cost, I'm for rejecting the idea. Yet, if you think you have strong enough arguments, I'm happy to discuss at CDM (see https://tracker.ceph.com/projects/ceph/wiki/Planning).
|
@rzarzynski, how's the discussion of this PR going? Yay or any? Merge or reject? Something else, like add another compile-time option? |
Responded in comment above. |
|
Okay then, I'll keep this one in our private fork. |
I was curious and measured this; a With this change: That's 6-7% less CPU usage ( I agree that having assertions enabled is often very useful (my own software runs with assertions enabled in production), but that's an explicit choice at compile time (by not specifying |
2 participants
This makes ceph_assert() behave like the standard C assert() macro: in release builds (with
-DNDEBUG), assertions should be compiled out, leaving no overhead.This reduces the code size of
ceph-mds(static build includinglibceph-common) by 550 kB.Checklist