Re: [PATCH v2 06/12] qapi/source: Add builtin null-object sentinel

[John Snow]

On 1/13/21 10:39 AM, Markus Armbruster wrote:
> Spelling nitpick: s/builtin/built-in/ in the title.

Sure.

> John Snow <jsnow@redhat.com> writes:
>
> > We use None to represent an object that has no source information
> > because it's a builtin. This complicates interface typing, since many
> > interfaces expect that there is an info object available to print errors
> > with.
> >
> > Introduce a special QAPISourceInfo that represents these built-ins so
> > that if an error should so happen to occur relating to one of these
> > builtins that we will be able to print its information, and interface
> > typing becomes simpler: you will always have a source info object.
> >
> > This object will evaluate as False, so "if info" remains a valid
> > idiomatic construct.
> >
> > NB: It was intentional to not allow empty constructors or similar to
> > create "empty" source info objects; callers must explicitly invoke
> > 'builtin()' to pro-actively opt into using the sentinel. This should
> > prevent use-by-accident.
> >
> > Signed-off-by: John Snow <jsnow@redhat.com>
>
> As I pointed out in review of v1, this patch has two aspects mixed up:
>
> 1. Represent "no source info" as special QAPISourceInfo instead of
>     None
>
> 2. On error with "no source info", don't crash.
>
> The first one is what de-complicates interface typing.  It's clearly
> serving this patch series' stated purpose: "static typing conversion".
>
> The second one is not.  It sidetracks us into a design discussion that
> isn't related to static typing.  Maybe it's something we should discuss.
> Maybe the discussion will make us conclude we want to do this.  But
> letting the static typing work get delayed by that discussion would be
> stupid, and I'll do what I can to prevent that.

It's not unrelated. It's about finding the most tactical incision to 
make the types as we actually use them correct from a static analysis 
context.

Maybe there's another tactical incision to make that's "smaller", for 
some perception of "smaller", but it's not unrelated.

> The stupidest possible solution that preserves the crash is adding an
> assertion right where it crashes before this patch: in
> QAPISourceInfo.__str__().  Yes, crashing in a __str__() method is not
> nice, but it's no worse than before.  Making it better than before is a
> good idea, and you're quite welcome to try, but please not in this
> series.  Add a TODO comment asking for "make it better", then sit on
> your hands.

I'm recently back from a fairly long PTO, so forgive me if I am 
forgetting something, but I am not really sure I fundamentally 
understand the nature of this critique.

Making functions not "crash" is a side-effect of making the types 
correct. I don't see it as scope-creep, it's a solution to a problem 
under active consideration.

In my reply to your earlier critique, I (think) I mentioned that I 
didn't understand the difference between:

1. An exception handler itself crashes because it received a value of 
unexpected type, or

2. The exception handler printed a message that indicates a problem with 
a built-in source definition.

In either case, QAPI didn't get built and it printed some kind of error 
spaghetti to the screen. In both cases, something much more seriously 
wrong has happened and the error message likely does not prepare the 
human user to really genuinely understand what that seriously wrong 
thing is.

I think this is an on-mission patch that improves circumstances; with 
regards to matters of taste I would see it as a lateral move at worst 
(one weird error for another weird error).

I'm left a little confused by the pushback, so I don't feel equipped to 
try and write code that addresses it.

Let's chat on IRC?

--js