From owner-freebsd-hackers Mon Feb 9 04:07:22 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA18466 for hackers-outgoing; Mon, 9 Feb 1998 04:07:22 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from ns1.yes.no (ns1.yes.no [195.119.24.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA18456 for ; Mon, 9 Feb 1998 04:07:19 -0800 (PST) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [194.198.43.36]) by ns1.yes.no (8.8.7/8.8.7) with ESMTP id MAA10670; Mon, 9 Feb 1998 12:07:08 GMT Received: (from eivind@localhost) by bitbox.follo.net (8.8.6/8.8.6) id NAA08555; Mon, 9 Feb 1998 13:07:07 +0100 (MET) Message-ID: <19980209130707.03437@follo.net> Date: Mon, 9 Feb 1998 13:07:07 +0100 From: Eivind Eklund To: Richard Wackerbarth Cc: Eivind Eklund , Michael Hancock , FreeBSD Hackers Subject: Re: DIAGNOSTICS and DEBUG LOGGING (was Re: cvs commit: src/sys/conf options) References: ; <19980209075127.63680@follo.net> <19980209091644.21614@follo.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.88e In-Reply-To: ; from Richard Wackerbarth on Mon, Feb 09, 1998 at 05:49:52AM -0600 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Feb 09, 1998 at 05:49:52AM -0600, Richard Wackerbarth wrote: > At 2:16 AM -0600 2/9/98, Eivind Eklund wrote: > >> > _ASSERTS - Enable precondition and other cheap assertions > >> > _INVARIANTS - Enable invariant/postcondition checking (expensive) > >> > INVARIANT_CODE - Compile in invariant functions. > >> > >> So we have 3 levels of "sanity checking" with increasing levels of cost. > >> I like it, it's a good fit to how people want to use assertions in > >> practice. > > > >Just to make this perfectly clear (I'm not certain if you got my > >meaning or not): > > > >Enabling INVARIANT_CODE will not add _any_ checks to the kernel. > > INVARIANT_SUPPORT Agreed. > >Instead, it will add the code that is necessary to enable any checks > >at will. If INVARIANT_CODE is defined for the entire kernel, then > >_ASSERTS or _INVARIANTS can be defined for any single file without any > >compilation trouble, even if _ASSERTS/_INVARIANTS isn't enabled for > >any other file. > > Let me suggest something that I found to work well in developing drivers > on MacOS. Rather than fill the code with > > #ifdef _ASSERTS > if ((unsigned long)cblockp & (CBLOCK-1)) > panic("Unaligned cblock in cblock_free"); > #endif > > how about > > ASSERT(((unsigned long)cblockp & (CBLOCK-1)), "Unaligned cblock in > cblock_free"); > > Then you can hide the _ASSERTS stuff in a header which defines the > ASSERT macro and get rid of the clutter in the code. Well, I thought that was a bit too extreme for FreeBSD ;-) I personally use a fairly heavy assertion system based on that, along with extra trace and code-control support. My system is usually a bit overkill except for large projects; for FreeBSD, it might be perfect. I'll try to send a description to the mailing-list, and then I'll write up a new version if people seem interested. I need to get a freeware version of it some day, anyway; re-writing it each time I switch employers is getting a bit tedious... > #ifdef _ASSERTS > #define ASSERT(X,Y) if (X) panic(Y) > #else > #define ASSERT(X,Y) > #endif #ifdef _ASSERTS # define ASSERT(X,Y) do {if (!(X)) panic Y;}while(0) #else # define ASSERT(X,Y) #endif Notice the support for extra argument, the correct direction for the assert (an assertion should always be true), and the bracketing to force correct use of ";", making this a single C-statement after pre-processing with _ASSERTS both defined and undefined. Your version will bind an else wrong if used as the front-end of an if. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe hackers" in the body of the message