Received: from nc-smtp3.sdv.fr (nc-smtp3.sdv.fr [212.95.69.93]) by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 21CA9781B7C for <~alpine/devel@lists.alpinelinux.org>; Mon, 18 May 2020 19:34:23 +0000 (UTC) Received: from skarnet.org (140.156.124.78.rev.sfr.net [78.124.156.140]) by nc-smtp3.sdv.fr (Postfix) with SMTP id BC124A0C83 for <~alpine/devel@lists.alpinelinux.org>; Mon, 18 May 2020 21:34:19 +0200 (CEST) Received: (qmail 6761 invoked from network); 18 May 2020 21:34:45 +0200 Received: from elzian.internal.skarnet.org. (HELO ?192.168.0.2?) () by sinay.internal.skarnet.org. with SMTP; 18 May 2020 21:34:45 +0200 From: "Laurent Bercot" To: ~alpine/devel@lists.alpinelinux.org Subject: Re: Disable assert statements by default? Date: Mon, 18 May 2020 19:34:19 +0000 Message-Id: In-Reply-To: <1ZU8S8ERRPKR9.35CUIBSS8QET7@8pit.net> References: <1ZU8S8ERRPKR9.35CUIBSS8QET7@8pit.net> Reply-To: "Laurent Bercot" User-Agent: eM_Client/7.2.37929.0 Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 0 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduhedruddthedgudefhecutefuodetggdotffvucfrrhhofhhilhgvmecupfgfoffgtffkveetuefngfdpqfgfvfenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkjghfrhgfgggtgfesthhqredttderjeenucfhrhhomhepfdfnrghurhgvnhhtuceuvghrtghothdfuceoshhkrgdquggvvhgvlhesshhkrghrnhgvthdrohhrgheqnecuggftrfgrthhtvghrnhepkeeuteelfefftddvgeeiieekleeugfelgfetieejudeftdehhfefgeffteduheetnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmohguvgepshhmthhpohhuth >The benefits of disabling asserts by default would be: > > * Users would not run into program crashes triggered by > development assert statements. > * Would probably cause a minor size reduction. The deciding factor here really is, in what environment do you expect Alpine packages to run. Production environments and development environments are wildly different beasts, and the bane of a distribution is that it has to be suited for the widest possible audience. You don't test software in production, that's a golden rule. Production is the worst place to test software. In production, you should have all the hardening you can afford, all the mitigations you can afford, all=20 the supervision and monitoring you have - but you *should not* artificially make the software crash. Production is the place where you disable asserts. If that's the intended environment for binary Alpine packages, then yes, asserts should be disabled by default. A development/testing environment is the complete opposite. That's the place where you want to stress-test the software, make it crash early=20 and often. And you obviously want asserts enabled. My personal taste would be to tailor the distro towards production, because that should be the majority of users, and thus, disable asserts. But yes, that comes with drawbacks. The only way to reconcile the conflicting needs is to build normal packages (with assertions disabled and optimized for speed and size) *and* debug packages (containing debug symbols, with assertions enabled, etc.) Some other distros that shall remain unnamed do this, and it seems to be working well for them. -- Laurent