ntp_assert.h revision 1.1
1/* $NetBSD: ntp_assert.h,v 1.1 2009/12/13 16:54:50 kardel Exp $ */ 2 3/* 4 * ntp_assert.h - design by contract stuff 5 * 6 * example: 7 * 8 * int foo(char *a) { 9 * int result; 10 * int value; 11 * 12 * NTP_REQUIRE(a != NULL); 13 * ... 14 * bar(&value); 15 * NTP_INSIST(value > 2); 16 * ... 17 * 18 * NTP_ENSURE(result != 12); 19 * return result; 20 * } 21 * 22 * open question: when would we use NTP_INVARIANT()? 23 */ 24 25#ifndef NTP_ASSERT_H 26#define NTP_ASSERT_H 27 28# ifdef CALYSTO 29 30extern void calysto_assume(unsigned char cnd); /* assume this always holds */ 31extern void calysto_assert(unsigned char cnd); /* check whether this holds */ 32#define NTP_REQUIRE(x) calysto_assert(x) 33#define NTP_INSIST(x) calysto_assume(x) /* DLH calysto_assert()? */ 34#define NTP_INVARIANT(x) calysto_assume(x) 35#define NTP_ENSURE(x) calysto_assert(x) 36 37# elif defined(__COVERITY__) 38 39/* 40 * Coverity has special knowledge that assert(x) terminates the process 41 * if x is not true. Rather than teach it about our assertion macros, 42 * just use the one it knows about for Coverity Prevent scans. This 43 * means our assertion code (and ISC's) escapes Coverity analysis, but 44 * that seems to be a reasonable trade-off. 45 */ 46 47#define NTP_REQUIRE(x) assert(x) 48#define NTP_INSIST(x) assert(x) 49#define NTP_INVARIANT(x) assert(x) 50#define NTP_ENSURE(x) assert(x) 51 52# else /* neither Coverity nor Calysto */ 53 54#include "isc/assertions.h" 55 56#define NTP_REQUIRE(x) ISC_REQUIRE(x) 57#define NTP_INSIST(x) ISC_INSIST(x) 58#define NTP_INVARIANT(x) ISC_INVARIANT(x) 59#define NTP_ENSURE(x) ISC_ENSURE(x) 60 61# endif /* neither Coverity nor Calysto */ 62#endif /* NTP_ASSERT_H */ 63