sa_assert: assert-like macro, enabled only for use with static analyzers

Among some here, there is a strong aversion to the use of "assert", yet some others think it is essential (when applied judiciously) even -- perhaps "especially" -- at the heart of libraries and core hypervisor- related code. Here is a compromise that lets us make assertions about the code (e.g., to tell static analyzers about invariants) without even a hint of risk of an abort. * src/internal.h [STATIC_ANALYSIS]: Include <assert.h>. (sa_assert): Define. A no-op most of the time, but equivalent to classical assert when STATIC_ANALYSIS is nonzero.

sa_assert: assert-like macro, enabled only for use with static analyzers
Among some here, there is a strong aversion to the use of "assert", yet some others think it is essential (when applied judiciously) even -- perhaps "especially" -- at the heart of libraries and core hypervisor- related code. Here is a compromise that lets us make assertions about the code (e.g., to tell static analyzers about invariants) without even a hint of risk of an abort. * src/internal.h [STATIC_ANALYSIS]: Include <assert.h>. (sa_assert): Define. A no-op most of the time, but equivalent to classical assert when STATIC_ANALYSIS is nonzero.
e078fa3c · Jim Meyering · cffe619b · e078fa3c
隐藏空白更改
内联并排

Showing with 8 addition and 0 deletion

src/internal.h src/internal.h +8 -0

未找到文件。
--- a/src/internal.h
+++ b/src/internal.h
@@ -9,6 +9,14 @@
 # include <limits.h>
 # include <verify.h>

+# if STATIC_ANALYSIS
+#  undef NDEBUG /* Don't let a prior NDEBUG definition cause trouble.  */
+#  include <assert.h>
+#  define sa_assert(expr) assert (expr)
+# else
+#  define sa_assert(expr) /* empty */
+# endif
+
 # ifdef HAVE_SYS_SYSLIMITS_H
 #  include <sys/syslimits.h>
 # endif