/*
 * ntp_assert.h - design by contract stuff
 *
 * example:
 *
 * int foo(char *a) {
 *	int result;
 *	int value;
 *
 *	REQUIRE(a != NULL);
 *	...
 *	bar(&value);
 *	INSIST(value > 2);
 *	...
 *
 *	ENSURE(result != 12);
 *	return result;
 * }
 *
 * open question: when would we use INVARIANT()?
 *
 * For cases where the overhead for non-debug builds is deemed too high,
 * use DEBUG_REQUIRE(), DEBUG_INSIST(), DEBUG_ENSURE(), and/or
 * DEBUG_INVARIANT().
 */
#ifndef NTP_ASSERT_H
#define NTP_ASSERT_H
# ifdef CALYSTO
extern void calysto_assume(unsigned char cnd); /* assume this always holds */
extern void calysto_assert(unsigned char cnd); /* check whether this holds */
#define ALWAYS_REQUIRE(x) calysto_assert(x)
#define ALWAYS_INSIST(x) calysto_assume(x) /* DLH calysto_assert()? */
#define ALWAYS_INVARIANT(x) calysto_assume(x)
#define ALWAYS_ENSURE(x) calysto_assert(x)
/* # elif defined(__COVERITY__) */
/*
 * DH: try letting coverity scan our actual assertion macros, now that
 * isc_assertioncallback_t is marked __attribute__ __noreturn__.
 */
/*
 * Coverity has special knowledge that assert(x) terminates the process
 * if x is not true. Rather than teach it about our assertion macros,
 * just use the one it knows about for Coverity Prevent scans. This
 * means our assertion code (and ISC's) escapes Coverity analysis, but
 * that seems to be a reasonable trade-off.
 */
/*
#define ALWAYS_REQUIRE(x) assert(x)
#define ALWAYS_INSIST(x) assert(x)
#define ALWAYS_INVARIANT(x) assert(x)
#define ALWAYS_ENSURE(x) assert(x)
*/
# else /* neither Coverity nor Calysto */
#include "isc/assertions.h"
#define ALWAYS_REQUIRE(x) ISC_REQUIRE(x)
#define ALWAYS_INSIST(x) ISC_INSIST(x)
#define ALWAYS_INVARIANT(x) ISC_INVARIANT(x)
#define ALWAYS_ENSURE(x) ISC_ENSURE(x)
# endif /* neither Coverity nor Calysto */
#define REQUIRE(x) ALWAYS_REQUIRE(x)
#define INSIST(x) ALWAYS_INSIST(x)
#define INVARIANT(x) ALWAYS_INVARIANT(x)
#define ENSURE(x) ALWAYS_ENSURE(x)
/*
 * We initially used NTP_REQUIRE() instead of REQUIRE() etc, but that
 * is unnecessarily verbose, as libisc use of REQUIRE() etc shows.
 */
#define NTP_REQUIRE(x) REQUIRE(x)
#define NTP_INSIST(x) INSIST(x)
#define NTP_INVARIANT(x) INVARIANT(x)
#define NTP_ENSURE(x) ENSURE(x)
# ifdef DEBUG
#define DEBUG_REQUIRE(x) REQUIRE(x)
#define DEBUG_INSIST(x) INSIST(x)
#define DEBUG_INVARIANT(x) INVARIANT(x)
#define DEBUG_ENSURE(x) ENSURE(x)
# else
/*
 * Non-debug builds: the expression is still compiled and any side
 * effects are kept, but the result is discarded and never checked.
 */
#define DEBUG_REQUIRE(x) (void)(x)
#define DEBUG_INSIST(x) (void)(x)
#define DEBUG_INVARIANT(x) (void)(x)
#define DEBUG_ENSURE(x) (void)(x)
# endif
#endif /* NTP_ASSERT_H */
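
An added example, not part of ntp_assert.h or the NTP source: it contrasts a length precondition written with REQUIRE() against the same precondition written with DEBUG_REQUIRE() in a build without DEBUG, where the header defines the latter as `(void)(x)`. Assumptions: `REQUIRE` here is a stand-in that uses `longjmp` instead of the ISC assertion callback so the failure can be observed, and `storage`, `FIELD_LEN`, `store_always`, `store_debug_only`, `contract_stopped` and `bytes_past_field` are hypothetical names.

```c
#include <setjmp.h>
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 8                 /* logical size of the field (constructed) */
static char storage[32];            /* oversized so the demo stays well defined */
static jmp_buf contract_trap;       /* hypothetical landing point for a failed check */

/* Stand-in (assumption) for ISC_REQUIRE(): tested in every build.
 * The real macro invokes the ISC assertion callback instead of longjmp(). */
#define REQUIRE(x)       ((x) ? (void)0 : longjmp(contract_trap, 1))
/* Copied from the header's non-DEBUG branch: evaluated, never tested. */
#define DEBUG_REQUIRE(x) (void)(x)

static void store_always(const char *src, size_t len) {
    REQUIRE(src != NULL);
    REQUIRE(len <= FIELD_LEN);
    memcpy(storage, src, len);
}

static void store_debug_only(const char *src, size_t len) {
    DEBUG_REQUIRE(src != NULL);
    DEBUG_REQUIRE(len <= FIELD_LEN);    /* no effect when DEBUG is not defined */
    memcpy(storage, src, len);
}

/* Returns 1 if a contract check stopped the call, 0 if it ran to completion. */
static int contract_stopped(void (*fn)(const char *, size_t),
                            const char *src, size_t len) {
    memset(storage, 0, sizeof storage);
    if (setjmp(contract_trap) != 0) return 1;
    fn(src, len);
    return 0;
}

/* Number of bytes written beyond the logical field. */
static size_t bytes_past_field(void) {
    size_t i, n = 0;
    for (i = FIELD_LEN; i < sizeof storage; i++)
        n += storage[i] != 0;
    return n;
}

int main(void) {
    const char in[] = "AAAAAAAAAAAA";   /* constructed 12-byte input */
    printf("REQUIRE stopped: %d\n", contract_stopped(store_always, in, 12));
    printf("DEBUG_REQUIRE stopped: %d\n", contract_stopped(store_debug_only, in, 12));
    printf("bytes past field: %zu\n", bytes_past_field());
}
```

Preconditions that bound a copy or dereference belong in the always-on macros or in explicit error handling; the DEBUG_ variants suit checks whose absence in a release build cannot affect memory safety.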