Branch data Line data Source code
1 : : // Copyright (c) 2019-2022 The Bitcoin Core developers
2 : : // Distributed under the MIT software license, see the accompanying
3 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 : :
5 : : #ifndef BITCOIN_UTIL_CHECK_H
6 : : #define BITCOIN_UTIL_CHECK_H
7 : :
8 : : #include <attributes.h>
9 : :
10 : : #include <atomic>
11 : : #include <cassert> // IWYU pragma: export
12 : : #include <stdexcept>
13 : : #include <string>
14 : : #include <string_view>
15 : : #include <utility>
16 : :
/**
 * Compile-time flag: true only when the build defines
 * FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION. As the macro name states, a build
 * with this flag set is not meant to be shipped.
 */
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
constexpr bool G_FUZZING_BUILD{true};
#else
constexpr bool G_FUZZING_BUILD{false};
#endif

/**
 * Compile-time flag: true in every fuzzing build, and otherwise only when the
 * build defines ABORT_ON_FAILED_ASSUME. When it is false, a failed Assume() is
 * not reported at run time (see inline_assertion_check below).
 */
#ifdef ABORT_ON_FAILED_ASSUME
constexpr bool G_ABORT_ON_FAILED_ASSUME{true};
#else
constexpr bool G_ABORT_ON_FAILED_ASSUME{G_FUZZING_BUILD};
#endif

/** Runtime switch read by EnableFuzzDeterminism(); only declared here, defined elsewhere. */
extern std::atomic<bool> g_enable_dynamic_fuzz_determinism;
33 : :
/**
 * Report whether fuzz determinism is enabled.
 *
 * @return true in fuzzing builds; false in builds where a failed Assume()
 *         does not abort; otherwise the current value of
 *         g_enable_dynamic_fuzz_determinism.
 */
inline bool EnableFuzzDeterminism()
{
    if constexpr (G_FUZZING_BUILD) {
        return true;
    } else if constexpr (G_ABORT_ON_FAILED_ASSUME) {
        // Only builds that abort on a failed Assume() may opt in at run time.
        return g_enable_dynamic_fuzz_determinism;
    } else {
        // Running fuzz tests is always disabled if Assume() doesn't abort
        // (i.e. non-fuzz non-debug builds), as otherwise tests which should
        // fail due to a failing Assume may still pass. As such, fuzz
        // determinism is statically disabled in that case as well.
        return false;
    }
}
48 : :
// Plain (non-atomic) flag toggled by the guard below; only declared here.
// NOTE(review): going by the name, it makes check failures throw instead of
// abort -- confirm against the definition of assertion_fail().
extern bool g_detail_test_only_CheckFailuresAreExceptionsNotAborts;

/**
 * Scope guard for tests: sets the flag above on construction and clears it on
 * destruction.
 *
 * The destructor writes false unconditionally instead of restoring the
 * previous value, so with nested guards the override ends as soon as the
 * innermost guard is destroyed. The flag is an unsynchronized bool.
 * NOTE(review): confirm it is only toggled from single-threaded test code and
 * never in production code.
 */
struct test_only_CheckFailuresAreExceptionsNotAborts {
    test_only_CheckFailuresAreExceptionsNotAborts()
    {
        g_detail_test_only_CheckFailuresAreExceptionsNotAborts = true;
    }
    ~test_only_CheckFailuresAreExceptionsNotAborts()
    {
        g_detail_test_only_CheckFailuresAreExceptionsNotAborts = false;
    }
};
54 : :
/**
 * Build the message used for internal-bug reports from a description and the
 * source location it was raised at. Declared only; the format itself is
 * defined elsewhere.
 */
std::string StrFormatInternalBug(std::string_view msg, std::string_view file, int line, std::string_view func);

/**
 * Exception thrown by CHECK_NONFATAL() and NONFATAL_UNREACHABLE() when an
 * internal invariant does not hold. It derives from std::runtime_error, so a
 * generic std::exception handler catches it too.
 */
class NonFatalCheckError : public std::runtime_error
{
public:
    /** @param msg   failed condition or description
     *  @param file  source file of the failing check
     *  @param line  source line of the failing check
     *  @param func  enclosing function of the failing check */
    NonFatalCheckError(std::string_view msg, std::string_view file, int line, std::string_view func);
};

/**
 * Internal helper invoked when an Assert()/Assume()/CHECK_NONFATAL() check
 * fails. Declared void and not [[noreturn]] here, so callers must not assume
 * from this header alone that it never returns.
 */
void assertion_fail(std::string_view file, int line, std::string_view func, std::string_view assertion);
65 : :
/**
 * Helper for CHECK_NONFATAL().
 *
 * @param val        value under test; returned unchanged (perfectly forwarded)
 *                   when it converts to true
 * @param file       source file of the call site
 * @param line       source line of the call site
 * @param func       enclosing function of the call site
 * @param assertion  stringified condition
 * @return val, with its value category preserved
 * @throws NonFatalCheckError when val converts to false
 */
template <typename T>
T&& inline_check_non_fatal(LIFETIMEBOUND T&& val,
                           const char* file,
                           int line,
                           const char* func,
                           const char* assertion)
{
    if (!val) {
        // Builds that abort on a failed Assume() report the failure through
        // assertion_fail() first. Should that call return, the exception
        // below is still thrown.
        if constexpr (G_ABORT_ON_FAILED_ASSUME) {
            assertion_fail(file, line, func, assertion);
        }
        throw NonFatalCheckError(assertion, file, line, func);
    }
    return std::forward<T>(val);
}
78 : :
// Refuse to build with NDEBUG: this header exports <cassert>, and code using
// it relies on assertions staying enabled.
#ifdef NDEBUG
#error "Cannot compile without assertions!"
#endif

/**
 * Helper for Assert()/Assume().
 *
 * @tparam IS_ASSERT  true for Assert(): the check runs in every build.
 *                    false for Assume(): the check runs only during constant
 *                    evaluation or when G_ABORT_ON_FAILED_ASSUME is set.
 * @param val         value under test. It is a function argument, so the
 *                    expression is evaluated even when the check is skipped.
 * @param file        source file of the call site
 * @param line        source line of the call site
 * @param func        enclosing function of the call site
 * @param assertion   stringified expression
 * @return val, with its value category preserved
 */
template <bool IS_ASSERT, typename T>
constexpr T&& inline_assertion_check(LIFETIMEBOUND T&& val,
                                     [[maybe_unused]] const char* file,
                                     [[maybe_unused]] int line,
                                     [[maybe_unused]] const char* func,
                                     [[maybe_unused]] const char* assertion)
{
    // Keep this a plain `if`: inside `if constexpr`, or in the initializer of
    // a const local, std::is_constant_evaluated() would always be true and
    // Assume() would then be checked in every build.
    if (IS_ASSERT || std::is_constant_evaluated() || G_ABORT_ON_FAILED_ASSUME) {
        if (!val) {
            assertion_fail(file, line, func, assertion);
        }
    }
    // When the check is skipped, a false val is returned to the caller as-is.
    return std::forward<T>(val);
}
94 : :
// Every macro in this group may expand __func__ inside a lambda, so the whole
// group is excluded from the bugprone-lambda-function-name lint.
// NOLINTBEGIN(bugprone-lambda-function-name)

/** Format msg together with the call site's file, line and function via StrFormatInternalBug(). */
#define STR_INTERNAL_BUG(msg) StrFormatInternalBug((msg), __FILE__, __LINE__, __func__)

/**
 * Identity function. Throws a NonFatalCheckError when the condition evaluates
 * to false.
 *
 * Use it only
 * - where the condition is assumed to be true; it is not a tool for error
 *   handling or for validating user input
 * - where a failure to fulfill the condition is recoverable and does not abort
 *   the program
 *
 * For example, in RPC code, where crashing the whole program is undesirable,
 * it can generally replace asserts or recoverable logic errors. A
 * NonFatalCheckError in RPC code is caught and passed as a string to the RPC
 * caller, which can then report the issue to the developers.
 *
 * In builds where G_ABORT_ON_FAILED_ASSUME is set, assertion_fail() is called
 * before the exception is thrown.
 */
#define CHECK_NONFATAL(condition) inline_check_non_fatal(condition, __FILE__, __LINE__, __func__, #condition)

/**
 * Identity function. Abort (via assertion_fail()) if the value compares equal
 * to zero. The check is active in every build, because compiling with NDEBUG
 * is rejected above.
 */
#define Assert(val) inline_assertion_check<true>(val, __FILE__, __LINE__, __func__, #val)

/**
 * Assume is the identity function.
 *
 * - Should be used to run non-fatal checks. In debug builds it behaves like
 *   Assert()/assert() to notify developers and testers about non-fatal errors.
 *   In production it doesn't warn or log anything.
 * - The expression is still evaluated in production and a false result is
 *   passed through unchanged, so Assume() must never be the only guard in
 *   front of code that is unsafe when the condition does not hold.
 * - For fatal errors, use Assert().
 * - For non-fatal errors in interactive sessions (e.g. RPC or command line
 *   interfaces), CHECK_NONFATAL() might be more appropriate.
 */
#define Assume(val) inline_assertion_check<false>(val, __FILE__, __LINE__, __func__, #val)

/**
 * NONFATAL_UNREACHABLE() marks code that should be unreachable. Reaching it
 * throws a NonFatalCheckError carrying the call site.
 */
#define NONFATAL_UNREACHABLE() \
    throw NonFatalCheckError("Unreachable code reached (non-fatal)", __FILE__, __LINE__, __func__)

// NOLINTEND(bugprone-lambda-function-name)
137 : :
// Pull in the AddressSanitizer interface only when the compiler reports the
// feature through __has_feature.
#ifdef __has_feature
#if __has_feature(address_sanitizer)
#include <sanitizer/asan_interface.h>
#endif
#endif

// Fallback when the sanitizer header was not included: the macros evaluate
// their arguments and do nothing else. A toolchain without __has_feature
// always ends up here, so on such a toolchain manual poisoning is a no-op.
#ifndef ASAN_POISON_MEMORY_REGION
#define ASAN_POISON_MEMORY_REGION(addr, size) ((void)(addr), (void)(size))
#define ASAN_UNPOISON_MEMORY_REGION(addr, size) ((void)(addr), (void)(size))
#endif
148 : :
149 : : #endif // BITCOIN_UTIL_CHECK_H