Add new tor_assert_nonfatal*() macros.

Unlike tor_assert(), these macros don't abort the process. They're good for checking conditions we want to warn about, but which don't warrant a full crash. This commit also changes the default implementation for tor_fragile_assert() to tor_assert_nonfatal_unreached_once(). Closes ticket 18613.
author: Nick Mathewson <nickm@torproject.org> 2016-04-05 09:40:51 -0400
committer: Nick Mathewson <nickm@torproject.org> 2016-04-14 16:24:28 -0400
commit: a885271c08d2337b35c203c0b27509d0aa32dbf6 (patch)
tree: 0cb88f3d43fcc7a90be972d958d3146c1294c06b /src/common
parent: 7865402106e9af273b9c887484b8371a899683ad (diff)
download: tor-a885271c08d2337b35c203c0b27509d0aa32dbf6.tar.gz
tor-a885271c08d2337b35c203c0b27509d0aa32dbf6.zip
2 files changed, 71 insertions, 2 deletions
diff --git a/src/common/util_bug.c b/src/common/util_bug.c
index 139d139e8c..606c665163 100644
--- a/src/common/util_bug.c
+++ b/src/common/util_bug.c
@@ -26,3 +26,27 @@ tor_assertion_failed_(const char *fname, unsigned int line,
   log_backtrace(LOG_ERR, LD_BUG, buf);
 }
 
+
+void
+tor_bug_occurred_(const char *fname, unsigned int line,
+                  const char *func, const char *expr,
+                  int once)
+{
+  char buf[256];
+  const char *once_str = once ?
+    " (Future instances of this warning will be silenced.)": "";
+  if (! expr) {
+    log_warn(LD_BUG, "%s:%u: %s: This line should not have been reached.%s",
+             fname, line, func, once_str);
+    tor_snprintf(buf, sizeof(buf),
+                 "Line unexpectedly reached at %s at %s:%u",
+                 func, fname, line);
+  } else {
+    log_warn(LD_BUG, "%s:%u: %s: Non-fatal assertion %s failed.%s",
+             fname, line, func, expr, once_str);
+    tor_snprintf(buf, sizeof(buf),
+                 "Non-fatal assertion %s failed in %s at %s:%u",
+                 expr, func, fname, line);
+  }
+  log_backtrace(LOG_WARN, LD_BUG, buf);
+}
diff --git a/src/common/util_bug.h b/src/common/util_bug.h
index 5414c53f4b..ce54266b20 100644
--- a/src/common/util_bug.h
+++ b/src/common/util_bug.h
@@ -46,13 +46,58 @@
   } STMT_END
 #endif
 
+#define tor_assert_unreached() tor_assert(0)
+
+/* Non-fatal bug assertions. The "unreached" variants mean "this line should
+ * never be reached." The "once" variants mean "Don't log a warning more than
+ * once".
+ */
+
+#ifdef ALL_BUGS_ARE_FATAL
+#define tor_assert_nonfatal_unreached() tor_assert(0)
+#define tor_assert_nonfatal(cond) tor_assert((cond))
+#define tor_assert_nonfatal_unreached_once() tor_assert(0)
+#define tor_assert_nonfatal_once(cond) tor_assert((cond))
+#elif defined(TOR_UNIT_TESTS) && defined(DISABLE_ASSERTS_IN_UNIT_TESTS)
+#define tor_assert_nonfatal_unreached() STMT_NIL
+#define tor_assert_nonfatal(cond) ((void)(cond))
+#define tor_assert_nonfatal_unreached_once() STMT_NIL
+#define tor_assert_nonfatal_once(cond) ((void)(cond))
+#else /* Normal case, !ALL_BUGS_ARE_FATAL, !DISABLE_ASSERTS_IN_UNIT_TESTS */
+#define tor_assert_nonfatal_unreached() STMT_BEGIN                      \
+  tor_bug_occurred_(SHORT_FILE__, __LINE__, __func__, NULL, 0);         \
+  STMT_END
+#define tor_assert_nonfatal(cond) STMT_BEGIN                            \
+  if (PREDICT_UNLIKELY(!(cond))) {                                      \
+    tor_bug_occurred_(SHORT_FILE__, __LINE__, __func__, #cond, 0);  \
+  }                                                                     \
+  STMT_END
+#define tor_assert_nonfatal_unreached_once() STMT_BEGIN                 \
+  static int warning_logged__ = 0;                                      \
+  if (!warning_logged__) {                                              \
+    warning_logged__ = 1;                                               \
+    tor_bug_occurred_(SHORT_FILE__, __LINE__, __func__, NULL, 1);       \
+  }                                                                     \
+  STMT_END
+#define tor_assert_nonfatal_once(cond) STMT_BEGIN                       \
+  static int warning_logged__ = 0;                                      \
+  if (!warning_logged__ && PREDICT_UNLIKELY(!(cond))) {                 \
+    warning_logged__ = 1;                                               \
+    tor_bug_occurred_(SHORT_FILE__, __LINE__, __func__, #cond, 1);      \
+  }                                                                     \
+  STMT_END
+#endif
+
 /** Define this if you want Tor to crash when any problem comes up,
  * so you can get a coredump and track things down. */
-// #define tor_fragile_assert() tor_assert(0)
-#define tor_fragile_assert()
+// #define tor_fragile_assert() tor_assert_unreached(0)
+#define tor_fragile_assert() tor_assert_nonfatal_unreached_once()
 
 void tor_assertion_failed_(const char *fname, unsigned int line,
                            const char *func, const char *expr);
+void tor_bug_occurred_(const char *fname, unsigned int line,
+                       const char *func, const char *expr,
+                       int once);
 
 #endif
author	Nick Mathewson <nickm@torproject.org>	2016-04-05 09:40:51 -0400
committer	Nick Mathewson <nickm@torproject.org>	2016-04-14 16:24:28 -0400
commit	a885271c08d2337b35c203c0b27509d0aa32dbf6 (patch)
tree	0cb88f3d43fcc7a90be972d958d3146c1294c06b /src/common
parent	7865402106e9af273b9c887484b8371a899683ad (diff)
download	tor-a885271c08d2337b35c203c0b27509d0aa32dbf6.tar.gz tor-a885271c08d2337b35c203c0b27509d0aa32dbf6.zip