In addition, since Qt 4.5 QSharedPointer was introduced, which is very similar in concept to boost::shared_ptr (and thus std::tr1::shared_ptr). I have long been a huge fan of the idea of smart pointers. They solve the need to worry about memory management for almost all usual cases. Unfortunately, when you combine these two concepts, sometimes you can go awry. I was surprised by this one, so I figured I’d shared my findings .

First we need some basic code to demonstrate the issue… Let’s suppose we have two trivial classes which inherit from QObject and thus participate in the Qt style memory management system. They might look like this:

Parent.h

class Parent : public QObject {
	Q_OBJECT
public:
	Parent(QObject *parent = 0) : QObject(parent) {
		std::cout << "Parent()" << std::endl;
	}

	virtual ~Parent() {
		std::cout << "~Parent()" << std::endl;
	}
};

Child.h

class Child : public QObject {
	Q_OBJECT
public:
	Child(QObject *parent = 0) : QObject(parent) {
		std::cout << "Child()" << std::endl;
	}

	virtual ~Child() {
		std::cout << "~Child()" << std::endl;
	}
};

And finally, we have some code to make use of our wonder code above:

void MyAwesomeFunction(Child *o) {
	std::cout << "Using Object!" << std::endl;
}

int main() {
	Parent *const parent = new Parent(0);
	Child *const child = new Child(parent);
	MyAwesomeFunction(child);
	delete parent;
}

The output of this simple program should be as follows:

Parent()
Child()
Using Object!
~Parent()
~Child()

As you can see, despite only explicitly deleting the parent, the child object gets cleaned up as well! This is great, heck if we made parent an automatic object, we wouldn't even need to explicitly delete it either. But what if MyAwesomeFunction for whatever reason, took a QSharedPointer instead of a raw pointer? You may just assume that you could write your code to be like this:

void MyAwesomeFunction(const QSharedPointer &o) {
	std::cout << "Using Object!" << std::endl;
}

int main() {
	Parent *const parent = new Parent(0);
	QSharedPointer child(new Child(parent));
	MyAwesomeFunction(child);
	delete parent;
}

well, if you made that assumption like I did, you'd be wrong! At best, this code leads to output like this:

Parent()
Child()
Using Object!
~Parent()
~Child()
QObject: shared QObject was deleted directly. The program is malformed and may crash.

At worst, it will crash. The question is, why is this broken? It all boils down to reference counting and who is doing the counting. What we have here, is two separate reference counts on the same object. One maintained by the parent object, one maintained by the QSharedPointer, and they will certainly disagree on when to delete the object. Leading to double free and use after free errors. No Bueno.

But it gets more complex than that! Qt memory management tries its best to let you do manual memory management while still maintaining it's own system. So if you delete child before the parent is deleted, that's just fine. The child's destructor will deregister itself from its parent's child list. So the following is well formed:

void MyAwesomeFunction(Child *o) {
	std::cout << "Using Object!" << std::endl;
}

int main() {
	Parent *const parent = new Parent(0);
	Child *const child = new Child(parent);
	MyAwesomeFunction(child);
	delete child;
	delete parent;
}

But if the parent happens to be delete'd first, then all hell breaks loose:

void MyAwesomeFunction(Child *o) {
	std::cout << "Using Object!" << std::endl;
}

int main() {
	Parent *const parent = new Parent(0);
	Child *const child = new Child(parent);
	MyAwesomeFunction(child);
	delete parent;
	delete child;
}

Segmentation fault

When we use QSharedPointer, this is essentially what we are doing if the object has a parent! The scary thing is, if the parent outlives the QSharedPointer on average, then the bug doesn't show up (since then it will act like case #1). Fortunately, starting with Qt 4.8, if you attempt to write this type of broken code, you will see an assert like this:

QSharedPointer: pointer 0x2384d70 already has reference counting

Which at the very least gives us a basic idea that there is something wrong, and it involves a QSharedPointer. It's a start.

The simplest approach to the problem is to simply not mix and match the two memory management schemes. If you need a QSharedPointer, don't set the parent. Like this:

void MyAwesomeFunction(const QSharedPointer &o) {
	std::cout << "Using Object!" << std::endl;
}

int main() {
	Parent *const parent = new Parent(0);
	QSharedPointer child(new Child());
	MyAwesomeFunction(child);
	delete parent;
}

which will happily output the following:

Parent()
Child()
Using Object!
~Parent()
~Child()

Fortunately, this turned out to be a fairly easy. Firstly we need an object to receive the signal since Qt mandates that all slots are member functions. Seems easy enough, so we’ll start with that:

class connect_functor_helper : public QObject {
    Q_OBJECT
public:
    // TBD
};

And we of course need a function to do the connection, we’ll template it so it can accept anything, a function, a functor, or even a lambda .

template <class T>
bool connect(QObject *sender, const char *signal, const T &reciever, Qt::ConnectionType type = Qt::AutoConnection) {
    // TBD
}

The pieces are all here, all we have to do is put them together. I do wish that MOC supported templated types, that would make this slightly easier (since we want to allow anything to be connected to). So I ended up resorting to using boost::function. When we fill in the blanks, the class looks like this:

class connect_functor_helper : public QObject {
	Q_OBJECT
public:
	connect_functor_helper(QObject *parent, const boost::function<void()> &f) : QObject(parent), function_(f) {
	}

public Q_SLOTS:
	void signaled() {
		function_();
	}

private:
	boost::function<void()> function_;
};

So two things are happening here that’s noteworthy.

• We make the helper object a child of the some QObject (ideally the sender of the signal), so that it will be automatically deleted when the parent object gets destroyed.
• We have a simple boost::function to store the function we want and call it from a slot called signaled(). We use this because it allows us to be generic without resorting to templates.

The last thing is to just add the connection, which is easy enough .

template <class T>
bool connect(QObject *sender, const char *signal, const T &reciever, Qt::ConnectionType type = Qt::AutoConnection) {
	return QObject::connect(sender, signal, new connect_functor_helper(sender, reciever), SLOT(signaled()), type);
}

Huzzah! We now can connect a Qt signal to anything that is callable like a function with the prototype void f(), even lambdas! Of course this can be expanded to deal with parameters as well, this is just the tip of the iceberg. So once we put all of the above into a header, we finally have the following demonstration program which works when QMAKE_CXXFLAGS contains --std=c++0x:

#include <QApplication>
#include <QPushButton>
#include <iostream>
#include "LambdaConnect.h"

int main(int argc, char *argv[]) {
	QApplication app(argc, argv);
	QPushButton w("Push Me");
	w.show();
	connect(&w, SIGNAL(clicked()), []{
		std::cout << "clicked" << std::endl;
	});
	app.exec();
}

Enjoy!

What could possibly be so broken in such a useful library? abort(). That’s right, this simple C library function is the thorn in my side that makes using GMP annoying. So what’s so bad about this function?

Here’s the problem, when allowing the user to enter arbitrary values to calculate with (like kcalc), it is trivial to create numbers that are so big, that it would take more RAM than you have to represent it in memory. For example: 549,755,813,888!, that’s right, the factorial of that number. As you can imagine, that is a ridiculously large number. So big in fact that GMP gives up before it even starts.

It’s actually good that GMP gives up before wasting the user’s time, the problem is how it gives up. It does so by printing a message to stderr and calling abort(). Keep in mind, this is a library, not an application. This means that is is simply part of another application which could be doing anything. Yet when GMP fails, it gives the the application, (you know that thing that the user cares about) absolutely no easy opportunity to deal with the issue. All the user sees is a crash.

This is what I’ve had to resort to in order to work around this:

static jmp_buf abort_factorial;
static void factorial_abort_handler(int)
{
    longjmp(abort_factorial, 1);
}

detail::knumber *detail::knuminteger::factorial() const
{
	// ----snip----
	// some basic sanity checking here ...
	// ----snip----

    struct sigaction new_sa;
    struct sigaction old_sa;

    sigemptyset(&new_sa.sa_mask);
    new_sa.sa_handler = factorial_abort_handler;
    sigaction(SIGABRT, &new_sa, &old_sa);

    if(setjmp(abort_factorial)) {
        sigaction(SIGABRT, &old_sa, 0);
        return new knumerror(UndefinedNumber);
    }

	// ----snip----
	// attempt to do interesting work here ...
	// ----snip----

    sigaction(SIGABRT, &old_sa, 0);

    return tmp_num;
}

I have to resort to setting up a signal handler before doing the work and using longjmp() to clean up the mess neatly if an abort happens. I can’t even use c++ exceptions to handle this because SIGABRT isn’t trapped by them. I suppose I could do something “clever” and replace the libc’s abort() function with my own, but that’s just another hack, I want a clean approach.

Fortunately, I don’t just bring problems, I also bring solutions . What GMP should do is offer a “fatal error” handler. Something like this would be great:

void gmp_fatal(const char *reason) { (*gmp_fatal_ptr)(reason); } where gmp_fatal_ptr is a function pointer that can be set by the application.

Heck by default, it can point to a function which prints the reason to stderr and calls abort, this would mean that most users and application writers wouldn’t even see the difference. But at least give me the option to deal with it in a reasonable fashion that isn’t a crash.

First let me be clear, that why I am about to suggest is not currently valid HTML, it is what I think HTML5 should be, not what it is. So please don’t get upset if you try this and it doesn’t work.

So I want my idea to be simple and not require javascript. Using javascript to detect features is nice and all, but I don’t want to depend on this. I would like to be able to just write my html, and have it gracefully fallback if the feature is not there. This sounds complicated, but I believe that it isn’t.

A simple rule could be introduced to aid in this effort. While I’m sure there are corner cases that I am not considering, I think something like this would be good enough for:

If a unknown tag is encountered, treat it as a <div>. If the unknown tag is self closing, then treat as if it had a closing. When treating an unknown tag as a <div>, ignore attributes not applicable to a <div>. If a tag introduced in HTML5 is encountered and understood, then simply ignore any inner HTML that doesn’t apply.

This would allow us to write something like the following:

<video width="320" height="240" controls>
  <source src="pr6.mp4"  type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"'>
  <source src="pr6.webm" type='video/webm; codecs="vp8, vorbis"'>
  <source src="pr6.ogv"  type='video/ogg; codecs="theora, vorbis"'>
  <span style="color:red">Sorry, but your browser doesn't appear to support HTML5 video....</span>
</video>

So, how would this be parsed using the rules I’ve supplied? Suppose the browser doesn’t implement the <video> tag, well then it would be parsed like this:

<div>
  <div></div>
  <div></div>
  <div></div>
  <span style="color:red">Sorry, but your browser doesn't appear to support HTML5 video....</span>
</div>

So we have a bunch of <div> tags. We could use CSS to make it have the same dimmensions as the video would have if we like (making it still fit nicely in the design), and we have some fallback code there. Heck, the fallback code could a <script> tag, or perhaps even an <embed> tag which falls back onto flash content. This makes the options pretty much ideal.

So using this rule, how is that first block parsed if the browser does support the <video> tag? Well it’s pretty simple, it just acts like the <span> isn’t there since it isn’t applicable to a <video> tag. It ends up looking like this:

<video width="320" height="240" controls>
  <source src="pr6.mp4"  type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"'>
  <source src="pr6.webm" type='video/webm; codecs="vp8, vorbis"'>
  <source src="pr6.ogv"  type='video/ogg; codecs="theora, vorbis"'>
</video>

I’m not aware of any tags introduced by HTML which are outright incompatible with this concept. Many of the new tags are really just containers which have new semantic value. If treated like a <div>, we can use CSS to at least make them look the part.

To a certain degree this is already being done, the HTML5 standard says:

Content may be provided inside the video element. User agents should not show this content to the user; it is intended for older Web browsers which do not support video, so that legacy video plugins can be tried, or to show text to the users of these older browsers informing them of how to access the video contents.

And applies the same rule to the <audio> tag. But this is specific to just <video> and <audio> tags, and doesn’t really spell out how arbitrary tags should be handled as far as I can tell. Can I put an script in there and expect it to work on older browsers? I don’t know because it just doesn’t say. But it’s a good start.

The result? We have plain HTML which will attempt to use the new feature first, and without depending on javascript, will gracefully fallback and display alternate content. Seems like an ideal solution to me. Not only that, but it would be easy to implement this in older browsers. The fact of the matter is, I didn’t see in the HTML5 specs exactly what the user agent is supposed to do when it encounters an undefined tag. It’s a big document, and perhaps I overlooked it, that’s certainly possible. But if it isn’t defined, then I think that is an oversight with regard to consistent behavior.

So on to choice B, I use KDE so I look in the KDE system-settings. In the “Default Applications” section, there is an options for web browser, looks promising. Once again, foiled by the fact that the setting is not universally used. The value chosen is stored in ~/.kde4/share/config/kdeglobals and only respected by KDE/Qt applications. This does most of the job, but I like most users don’t exclusively use just KDE applications, I choose my applications based on how useful they are, not which widget set they are built with. So pretty much all the Gtk/Gnome/other applications still don’t respect the setting. For example, links in thunderbird always want to open with firefox. I even tried creating a user.js file in my thunderbird profile directory and setting network.protocol-handler.app.http to my choice of browser, no joy. In the “about:config” the settings are there, the application just didn’t seem to care. I am sure I did something wrong, but even if I did, it shouldn’t be so hard. There should be a dirt simple way to set the default browser for all applications for my user and then, if they like, applications can provide some mechanism to override this.

I am sure that Gnome as there own way of setting the default browser, and I think it is likely that it works great for Gnome applications and KDE/Qt applications probably ignore it.

The Debian folks have a nice idea, they leverage the “alternatives” mechanism to provide “x-www-browser” which is (I think) in the end a symlink to the browser of your choice. This is great if everyone agrees to launch the browser with this, but has a minor downside. It only addresses system level preferences, not user level. So while you can hypothetically set the default browser system wide (probably good enough considering how many users are the only user of their systems), if an individual user wants to override this, I’m not sure there is an elegant way to do this. “x-www-browser” just ends up being a less flexible variation of the $BROWSER environment variable.

Also, I’ve looked into xdg-settings, looks promising, from freedesktop.org which a lot of people have been working on standardizing with. Let see what happens when I play with it.


$ xdg-settings --list
Known properties:
default-web-browser Default web browser


Ohh, looking good!


$ xdg-settings get default-web-browser
which: no chromium in (/usr/bin/chromium
!/usr/bin)
in (/usr/bin)l-workbench
MySQLWorkbench.desktop


Crap, what the heck does that mean? Why is “MySQLWorkbench.desktop” mentioned? What is going on? Ok, I’m done with my little panic, I’ll try to fix it:


$ xdg-settings set default-web-browser /usr/bin/chromium
xdg-settings: invalid application name
Try 'xdg-settings --help' for more information.


OK, usage, not as obvious as I thought…


$ xdg-settings --help
xdg-settings - get various settings from the desktop environment

Use 'man xdg-settings' or 'xdg-settings --manual' for additional info.


Help… not so helpful. Aha, I figured it out from looking at the manual!

$ xdg-settings set default-web-browser chromium-chromium.desktop

Did it work?


$ xdg-settings get default-web-browser
which: no chromium in (/usr/bin/chromium
!/usr/bin)
in (/usr/bin)l-workbench
MySQLWorkbench.desktop


Crap!

Alright, xdg-settings while I nice concept, simply isn’t working. So disappointing.

So I’ve got a lot of options, none of which are 100% effective.

So what’s the ideal solution? It’s hard to say, probably a hybrid of some of these ideas. I think a single binary/script named /usr/bin/www-browser which would look first in user’s home directory for a setting and if not found, look /etc/ for a global setting. And would launch the browser of choice. Why not just get everyone to agree on $BROWSER? Well, unfortunately the different browsers have different command line switches. Have a script/binary gives us the opportunity to normalize how the common ones are accessed (if any). More generally, it would allow the config file to have more advanced options than just specifying the path of the default browser. xdg-settings does look like it is on the right track, but I honestly couldn’t get it to do anything that made sense.

Most importantly the application writers (I’m looking at you KDE and Gnome) need to agree upon whatever method they think is best. I honestly don’t care too much about how it works, as long as it works.

It all started with a compiler warning. I like to compile my gcc projects with:

-ansi -pedantic -W -Wall

and I like my projects to compile with no warnings. My personal feelings on this subject are that if you cannot find a way to reconcile the warning, then odds are you don’t understand what it is trying to warn you about. Anyway, on to the issue at hand. I added a macro call of QT_REQUIRE_VERSION to the main function in one of my projects, the goal of course is to give a run-time error if the program is run with a version of Qt that is too old, simple enough. Unfortunately, this caused a warning in my project which I found entirely unacceptable.

main.cpp: In function 'int main(int, char**)':
main.cpp:8: warning: format not a string literal and no format arguments

I’m sure that many of you can relate to the horror I felt after seeing this in my usually clean build. First I checked, then double checked that the usage of the macro was the cause. Yup, commenting out the simple one liner use of the macro made it go away. Did I use it right? well  the call basically looks like this:

QT_REQUIRE_VERSION(argc, argv, "4.0.2")

Not much room for error there, and the only string parameter is passing a string literal. So what’s going on here? I figured it’s a pretty minor issue so I’d be patient. After waiting a while for someone to notice this, I finally decided to submit a bug. Two or so weeks went by then I finally saw that my bug had be resolved as “invalid”. Fine, my gut reaction was to check if I had misused the macro, so I’ll check out what they had to say.

I believe the warning is due to there being no semicolon after the call to QT_REQUIRE_VERSION. Note that the warning message specifies line 8 – the line after the QT_REQUIRE_VERSION call. The QT_REQUIRE_VERSION macro, like most macros, does not end with a semi-colon, so you have to use one after calling it.

I was thrilled that it was such a simple fix. How could I have been so dumb as to miss a semi-colon. An amateur mistake! So I thanked the bug assignee, mentioned that the docs didn’t have a semicolon and went on my way. Of course this wouldn’t be much of a post if things were that simple…

As you may have guessed the proposed solution had nearly zero effect on the presence of the warning. I have to say “nearly” there because it did change the line number it occurred on to be the line of the macro, instead of the line after. But the warning still remains, mocking me.

Let’s revisit the response I got (i’m adding emphasis).

I believe the warning is due to there being no semicolon after the call to QT_REQUIRE_VERSION…

Ahh, I see, so he just guessed! I think it’s time for a basic rule of bug handling to be established.

1. Actually test the bug and then test the solution before any resolution is given!

This may sound simple, but clearly it didn’t happen here. He did not test the issue or its solution, he simply looked at my example code and made a wild guess. It would have taken him all of 1 minute to copy and paste my code into a test.cpp file and compile it with the flags I gave to see that the warning would remain.

I looked for way to re-open the bug, but could not, so I submitted a second one. This time I made it clear that this was a followup to the other bug report and that I had added the semicolon, which did not help. If you are wondering how clear I was, here’s a quote from my bug report:

Note: I’ve added a semicolon as recommended by the previous bugs resolution. Which did change the warning’s line number to 7 from 8. But the warning still stands.

Later that day I saw on my phone an email from the Qt bug tracker saying the status had changed. Less than 24 hours, that’s great turn around time, maybe I was in luck. Nope, not this time, the same assignee still didn’t do a good job . He assigned it to someone in documentation with the following comment (remember my bug report was about a compile time warning, the documentation was a side issue).

The problem was a missing semi-colon after the macro call, but that what the doc example leads you to do.

The example in the docs should be updated to have a semi-colon after the macro call, otherwise following the example produces code that fails to compile and the compiler error message is not very helpful.

Great! I’m glad we could get the documentation squared away, but how about fixing the actual bug I reported!

2. Read the actual contents of the bug report. Don’t just glaze over it and assume you know what I meant. Read it.

I don’t think it is too much to ask that the assignee of the bug actually read the bug report before drawing conclusions. This was a complete disregard for the reported issue. At this point I was annoyed, so I decided to look into the issue myself. Here’s the macro in question:

#define QT_REQUIRE_VERSION(argc, argv, str) { QString s = QString::fromLatin1(str);\
QString sq = QString::fromLatin1(qVersion()); \
if ((sq.section(QChar::fromLatin1('.'),0,0).toInt()<<16)+\
(sq.section(QChar::fromLatin1('.'),1,1).toInt()<<8)+\
sq.section(QChar::fromLatin1('.'),2,2).toInt()<(s.section(QChar::fromLatin1('.'),0,0).toInt()<<16)+\
(s.section(QChar::fromLatin1('.'),1,1).toInt()<<8)+\
s.section(QChar::fromLatin1('.'),2,2).toInt()) { \
if (!qApp){ \
    new QApplication(argc,argv); \
} \
QString s = QApplication::tr("Executable '%1' requires Qt "\
 "%2, found Qt %3.").arg(qAppName()).arg(QString::fromLatin1(\
str)).arg(QString::fromLatin1(qVersion())); QMessageBox::critical(0, QApplication::tr(\
"Incompatible Qt Library Error"), s, QMessageBox::Abort, 0); qFatal(s.toLatin1().data()); }}

First thing to note is that the whole thing is wrapped in brackets, meaning that the semicolon isn’t strictly required and thus a complete non-issue. Sure there is the subtle issues involving things like this:

if (<condition>) MACRO(a); else foo(a);

But this macro is meant to be used unconditionally as the first statement in the program, nothing major. Personally I’d recommend wrapping the macro in a

do {/*...*/} while(0)

, but that’s a different discussion. Anyway, did you catch the source of the warning? Took me a bit but the issue is the very last statement:

qFatal(s.toLatin1().data());

Basically, they’ve constructed a QString, getting the equivalent c-string and passing that to qFatal, seems harmless enough. Let’s look at the definition for qFatal:

Q_CORE_EXPORT void qFatal(const char *, ...) /* print fatal message and exit */
#if defined(Q_CC_GNU) && !defined(__INSURE__)
    __attribute__ ((format (printf, 1, 2)))
#endif
;

Aha! qFatal is a printf style function, it even has the printf attribute when compiled with gcc. Which basically means we can expect that values passed will likely be given to something like vsprintf, followed by an abort call. This function is called qFatal after all. We all know that it is good security practice to always have the first parameter of a printf function be a string literal to prevent format string vulnerability (at least we all should know…), so the warning is well founded.

Out of curiousity, I tried something like this:

QT_REQUIRE_VERSION(argc, argv, "4.7.0%n%n%n%n");

Boom! Segmentation fault (instead of the expected abort). That means that those %n’s are trampling memory, which is simply not good. Fortunately the odds of this macro being passed a value provided by a user is pretty much zero, so there is no practical vulnerability here, but it is still an issue, one which has a simple solution. If we simply change the last statment to look like this:

qFatal("%s", s.toLatin1().data());

Then all of these issues go away. No warning, no format string crashes when you do naughty things, it just works correctly. I’ve added all of these details to my bug report, so far no response. I still love Trolltech and thank them for their wonderful product which I will continue to recommend to people and be a happy user of. But someone over there really just wasn’t doing their job well. Once I got frustrated enough to look, it took me all of 15 minutes to figure out exactly what was causing the warning and come up with a functional solution. Instead my report has been assigned to documentation where it will likely sit for days until someone realizes it doesn’t belong there. Wish me luck, I’ve got my fingers crossed.

I’ve recently discovered that Flash player’s settings system stores settings for every site which references flash player. This is a nice usability feature. It allows your flash related settings to work across browser sessions, even different browsers as long as you remain in the same account. But, the filing system itself is also a history of all flash enabled sites you’ve visited.

On my Linux box, I have the following directory:

~/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys

I also found a similar directory on my windows 7 box, so this is not just a Linux phenomenon. In this directory is a bunch of directories whose names are things like “#mail.google.com” and “#viddler.com”, each of which has a settings.sol file containing the flash settings for that particular domain. These get created and updated regardless of privacy mode and any history clearing you ask your browser to do.

Fortunately, these files are safe to delete (they’ll just get recreated if needed). If you go to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html, there are settings there that allow you to manage the offline storage settings, but from my quick tests it seems that the folders are created even when you set the allowed storage to 0Kbs.

Obviously this doesn’t give a complete list of all sites that were visited, but lets face it, much of the questionable content on the internet is served by flash.

Yet another reason to use noscript.

All of this works great, except for the fact that graphviz decided to change some of the structures used to represent the layed out graph.

The most annoying issue I found is that the older versions of the graphviz headers did not have any defines for versioning. This means that there is no good way to detect at compile time which version you are trying to compile against. Later one was introduced, which means that you can coarsely determine if you are compiling against a version before or after that macro was introduced. But this isn’t really good enough given than there have been several changes over time before and after this macro was introduced.

So rule #1: If you plan to change anything in your publicly installed headers, ever, have a version macro which is unique for each and every version of structures and API.

Of course, the fun doesn’t stop there, otherwise I wouldn’t have a whole lot to write about here. In addition to that, they decided to make the version macro they did create resolve to a string! This is great and all for displaying the version to the user. But is not easily comparable at compile time at all. The most creative solution I can think of is to have a configure script which will emit run a program  which includes the header and outputs the version if available, then finally the configure script will parse the result and produce a compile time comparable macro. This is some of what the autotools scripts do to produce things like config.h. But is less than fun to deal with.

Rule #2: Make the version macro numeric, and encode things in a way that x >= y always means that x is newer.

Something like this feels ideal.
#define VERSION 0x00010203 /* version 1.2.3 */
Here I am suggesting to use a 32-bit constant for the version, dividing on byte boundaries for trivial decoding and ease of human readability.  There is no need to stick to the tradition versioning schemes either. Lately, I’ve been preferring using the year and release number like this:
#define VERSION 0x00200901 /* version 2009.1 */
Both work equally well. But wait there is more nonsense! The graphviz people decided to use macros to access the members of the primary structures (node, edge, graph). This way they can change the implementation details of these structures but the code using these structures can remain the same. This was a good idea. Unfortunately, they didn’t do it for all of the structures. Only those three. But there are a whole bunch of structures representing text labels, coordinates and other fun stuff which didn’t use this system.

Rule #3: Be consistent with your API.

Finally, they used to have both floating point and non floating point versions of certain data members. At some point they decided to switch to only floating point. The problem is that some things changed type, but not the name. So if I wanted to store the value of one of these, I can’t conveniently. For example:
struct T { point *pos; };
became
struct T { pointf *pos; };
This makes code such as this unfortunately broken across versions.
point *p = x.pos;
If I had a usable version macro, I could make the type depend on the version. Even worse some things changed names and types. For example:
ND_coord_i /* returns "struct point " */
was replaced by:
ND_coord /* returns "struct pointf" */
The former no longer exists. At least I can test for the existence of the ND_coord macros to figure out which to use, but the net result is messier code.

Rule #4: Do everything possible to avoid changing datatypes of structure members and return types of functions. It makes storing the result ugly and convoluted.

One could argue that not all of the structures and functions are part of there public API. After all, it is pretty rare that someone implements there own rendering engine for something as big, complex as graphviz. But these structures are in the headers that every distribution installs into /usr/include/graphviz/.

Rule #5: If it is in a header which gets installed for the user, it is part of the API. If you have internal details you wish to hide use the PIMPL pattern.

So the end of the story is that I’ve got my Qt based graphing widget I sought after. But the deployment is less than fun. Because I distribute sources I need to test that it compiles on all sorts of distributions. All of this could have been so much simpler if they just planned ahead and had a version friendly API.

The main reason for this is that I had no real practical way to display this information in a useful way to users. A list of blocks wouldn’t do, there would simply be to many for anyone to make sense of them. Some other tools have a nice solution though…graphs .

So I figured that it’s time EDB got a graphing plugin of sorts. And that’s where my focus has been lately. Finally after playing with the awesome QGraphicsView API, I have some results that are worth noting.

As you can see, it is looking pretty nice. All of the nodes are draggable so if you don’t like how it is layed out, you can adjust it. Of course it isn’t quite ready yet, otherwise I would have just tossed it into EDB and bumped the version. There are two major things I need to figure out.

1. How big do I make the whole scene? Right now I just go with “very big”, but eventually, I’ll have to figure this out based on the content. This is very dependant on issue #2 though…
2. I have no automatic layout engine. Currently in my test code, I’ve manually placed each node. This is likely to prove very difficult, but I’ll get there (Obviously if any graph experts out there want to help, feel free to email me ).

Beyond that, I’m feeling pretty good about how it works.

You may be wondering why I didn’t just use GraphViz. Well, to be honest, I looked into it. But there didn’t seem to be any nice and simple way to get the results into a Qt widget. As far as I can tell, the API revolves around programatically generating a .dot file, and sending that through one of the graphviz renderer’s. Then taking the output file and finally displaying it. I don’t like all the temporary files and the dependency on external programs. I’m not a fan of “front-ends” in general, otherwise EDB would just be another GDB front end.

Though if I could do a pure library solution, I could work with the temporary files. Obviously I could have missed something in graphviz, if so, let me know .

I hope to have things nice and ready for release soon.

This isn’t a problem with stackoverflow.com, it’s a problem with people who claim things to be the case without actually testing if what they are saying is true. It happens time and time again.

You may be wondering why the title of this blog entry is “Micro-optimization is stupid” when I haven’t even mentioned that yet, well wait no more, here it is. Someone had asked a question which had a simple answer on SO. He was trying to insert a pointer to an object into a list which contained actual objects. I am guessing he is usually a java programmer (this isn’t an attack of java programmers, just that java’s syntax for creating references to objects looks very much like the broken c++ he was trying to use).

Someone took it upon themselves to not only give advice on how to correct this trivial error, but also gave some optimization advice for iterating over the list. He recomended something like this:

for(std::list<Point>::iterator it = l.begin(), end = l.end(); it != end; ++i) {
/* whatever */
}

as apposed to this:

for(std::list<Point>::iterator it = l.begin(); it != l.end(); ++i) {
/* whatever */
}

The reality is that there isn’t a huge amount of difference between the two. The goal of the posters code is to avoid std::list::end() from being called after every iteration of the loop. I felt compelled to point out to the poster that the optimization recomendation was misguided as any sane compiler will nicely optimize that loop so the std::list::end() is only called once. In addition to that std::list::end() is an O(1) operation as mandated by the standard, so even if it were called multiple times, it wouldn’t make a difference. You’re trading one memory fetch for another, no real difference.

Of course he argued, people who don’t know what they are talking about usually do . He started claiming that since the compiler doesn’t know that the size is constant,  it has to recalculate the size each time, and that this extra function call would cause cache misses and such. See the problem here? There is enough techno-babble to sound convincing! But don’t worry folks, I was determined to demonstrate my point.

So I responded with a few corrections. Most importantly,  size() != end(), so even if it did need to recalculate size() each time, the size has nothing to do with it.  In addition, certainly if the loop only uses member functions which are const it certainly can know that the list hasn’t changed.  (he of course retorted that while the end()/size() function is const, it’s result is not, which is just silliness, since end() won’t change the list, if all other functions don’t change the list, well then end() will be the same next iteration!). Finally, I sent him a link to some code which looks like this:


// program 1
#include <list>
#include <iostream>

std::list<int>::iterator end = l1.end();
for(std::list<int>::iterator it = l1.begin(); it != end; ++it) {
printf("%d\n", *it);
}
}


// program 2
#include <list>
#include <iostream>

for(std::list<int>::iterator it = l1.begin(); it != l1.end(); ++it) {
printf("%d\n", *it);
}
}


And asked that he compile them both with g++ -O3 and look at the results. Not just assume what some other jackass told him was correct. I had already done this, and knew that the result on the latest g++ is identical. At this point I had a good feeling, knowing I had prevailed… until he responded with this:

GCC 4.01 with g++ -O3 -S produces different assembly outputs and different binaries with vectors and lists. GCC 4.2 produces identical output for lists but different output for vectors. The OP uses a vector, my comment stands.

Seriously?! This guy just couldn’t admit being even slightly wrong. To be clear, the OP used a list, not a vector. So at this point he was just making things up without taking the time to read. In addition, I checked and the “difference” between the two was more or less cosmetic. Doing the same work in slightly different order (but not repeatedly calling end(), which was the original concern).

Finally, justice came and people started to downvote his answer.  Finally he edited his post to remove the incorrect advice he gave and the downvotes were removed. None of this would have happened if he hadn’t gotten fixated on silly little micro-optimizations. When will people learn?

Tricks like this may have made a difference in the early days of c++, but modern compilers are suprisingly good at optimization. Let them do their job so that you can do your job!

At this point in time, every compitent developer should know that it is best to do things the simplest, most obvious way first. This is better in many ways, most importantly in maintainability. Everyone can agree that simple and obvious code is easier to understand. Then if after profiling you find that a particular segment of code is not performant enough, feel free to go bananas with optimizing the little things in that particular section.