sa_assert: assert-like macro, enabled only for use with static analyzers

Among some here, there is a strong aversion to the use of "assert", yet some others think it is essential (when applied judiciously) even -- perhaps "especially" -- at the heart of libraries and core hypervisor- related code. Here is a compromise that lets us make assertions about the code (e.g., to tell static analyzers about invariants) without even a hint of risk of an abort. * src/internal.h [STATIC_ANALYSIS]: Include <assert.h>. (sa_assert): Define. A no-op most of the time, but equivalent to classical assert when STATIC_ANALYSIS is nonzero.
2025-01-22 12:35:17 +00:00 · 2010-04-07 16:13:17 +02:00 · 2010-04-07 16:13:17 +02:00 · e078fa3cec
commit e078fa3cec
parent cffe619bdf
1 changed files with 8 additions and 0 deletions
--- a/src/internal.h
+++ b/src/internal.h
@ -9,6 +9,14 @@
 # include <limits.h>
 # include <verify.h>

+# if STATIC_ANALYSIS
+#  undef NDEBUG /* Don't let a prior NDEBUG definition cause trouble.  */
+#  include <assert.h>
+#  define sa_assert(expr) assert (expr)
+# else
+#  define sa_assert(expr) /* empty */
+# endif
+
 # ifdef HAVE_SYS_SYSLIMITS_H
 #  include <sys/syslimits.h>
 # endif