After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 728776 - Document GResolver return value guarantees
Document GResolver return value guarantees
Status: RESOLVED FIXED
Product: glib
Classification: Platform
Component: network
2.39.x
Other All
: Normal trivial
: ---
Assigned To: gtkdev
gtkdev
Depends on:
Blocks:
 
 
Reported: 2014-04-23 08:14 UTC by Philip Withnall
Modified: 2014-05-28 13:46 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
gresolver: Document that GResolver lists are non-empty on success (6.53 KB, patch)
2014-04-24 08:50 UTC, Philip Withnall 		committed Details | Review
gresolver: Ensure GThreadedResolver always sets an error if resolution fails (1.87 KB, patch)
2014-04-24 08:50 UTC, Philip Withnall 		committed Details | Review
gresolver: Add postconditions to ensure lists are non-empty (5.75 KB, patch)
2014-04-24 08:50 UTC, Philip Withnall 		rejected Details | Review

Description Philip Withnall 2014-04-23 08:14:42 UTC 
The documentation for g_resolver_lookup_by_name() isn’t clear about whether it guarantees to return a *non-empty* list of GInetAddresses, or whether it’s possible to return NULL and no error.

There is a code path which returns NULL with no error if all of the addresses returned by getaddrinfo() in do_lookup_by_name() in gthreadedresolver.c can’t be built into GSocketAddresses — i.e. g_socket_address_new_from_native() fails on them.

So I guess it would be nice to either:
 • Explicitly document that g_resolver_lookup_by_name() can return NULL and no error; or
 • change it to set an error (G_RESOLVER_ERROR_NOT_FOUND) before returning if the address list is empty.

I guess the same changes should be made to the other GResolver methods too.
Comment 1 Philip Withnall 2014-04-24 08:50:48 UTC 
Created attachment 275027 [details] [review]
gresolver: Document that GResolver lists are non-empty on success

The documentation previously wasn’t clear about whether the GResolver
methods could return an empty list and no error. On balance, this seems
like a bad idea, and GResolver should commit to always return a
non-empty list, or an error (which should be G_RESOLVER_ERROR_NOT_FOUND
if the list would otherwise be empty).
Comment 2 Philip Withnall 2014-04-24 08:50:51 UTC 
Created attachment 275028 [details] [review]
gresolver: Ensure GThreadedResolver always sets an error if resolution fails

It was previously possible for GThreadedResolver to return an empty list
and no error in response to a g_resolver_lookup_by_name() call, if it
happened that all the addresses returned by getaddrinfo() could not be
converted from native addresses to GSocketAddresses.

Fix that by setting a G_RESOLVER_ERROR_NOT_FOUND if the returned list is
empty.
Comment 3 Philip Withnall 2014-04-24 08:50:55 UTC 
Created attachment 275029 [details] [review]
gresolver: Add postconditions to ensure lists are non-empty

Add postconditions to the GResolver interface method wrappers to ensure
that the returned values conform to the API documentation (i.e. that the
returned list is non-empty, or an error is set). This should prevent
erroneous implementations of GResolver from causing problems for users
of the API.
Comment 4 Dan Winship 2014-04-24 16:11:56 UTC 
Comment on attachment 275028 [details] [review]
gresolver: Ensure GThreadedResolver always sets an error if resolution fails

OK, but note that if you want to commit this to glib-2-40 too, you need to get rid of the new translated string. You could just reuse the string "No DNS record of the requested type for '%s'" from later on in the file instead. (That's just for glib-2-40; the new string is fine on master.)
Comment 5 Dan Winship 2014-04-24 16:13:21 UTC 
Comment on attachment 275029 [details] [review]
gresolver: Add postconditions to ensure lists are non-empty

seems messy, and we don't do this anywhere else
Comment 6 Philip Withnall 2014-04-25 08:54:04 UTC 
Pushed to master and glib-2-40 (with the changed string).

Attachment 275027 [details] pushed as 14b0c15 - gresolver: Document that GResolver lists are non-empty on success
Attachment 275028 [details] pushed as 956921e - gresolver: Ensure GThreadedResolver always sets an error if resolution fails
Comment 7 Philip Withnall 2014-04-25 10:15:28 UTC 
(In reply to comment #5)
> (From update of attachment 275029 [details] [review])
> seems messy, and we don't do this anywhere else

I think it’s a useful way of catching bugs in the implementation of interfaces or virtual methods. If a GResolver implementation is provided by a third party, it’s still called through the g_resolver_*() functions, so it’s partially a GLib problem if results come back which don’t match the function documentation. We could stick all those assertions in the GResolver vfunc implementations themselves, but that seems a bit wasteful.

Is there any other approach at the moment for verifying that an interface or vfunc implementation conforms to the interface declaration/documentation?
Comment 8 Philip Withnall 2014-05-28 10:33:06 UTC 
Dan, ping?
Comment 9 Dan Winship 2014-05-28 12:50:39 UTC 
I think it uglifies the code too much for too little benefit. Just make Tartan verify it. :-)

(I left the bug open before in case any other GLib maintainer chimed in saying they wanted this, but no one has, so...)
Comment 10 Philip Withnall 2014-05-28 13:46:19 UTC 
(In reply to comment #9)
> I think it uglifies the code too much for too little benefit. Just make Tartan
> verify it. :-)

Fair enough. Getting Tartan to verify this would be tricky, but given a few assumptions it's probably feasible. I'll add it to the to-do list. :-)