include/SDL_assert.h
author Ryan C. Gordon <icculus@icculus.org>
Fri, 07 Feb 2014 11:52:35 -0500
changeset 8189 ab1045579b92
parent 8167 82ec2a95e664
child 8190 e63a3fe7e835
permissions -rw-r--r--
Tell Clang's static analysis that SDL_assert() is an assertion handler.

This lets it know, for example, that when you do this...

SDL_assert(ptr != NULL);

...that (ptr) is definitely not NULL at this point in the program, for the
sake of static analysis. While a buggy program could definitely trigger this
assertion, Clang assumes your assertion check is covering it and won't
report possible NULL dereferences after this point.

Since SDL_assert might continue if the user clicks "ignore", without this
change Clang would notice you checked for NULL (meaning that NULL is a real
possibility here) and still wrote code outside of that test branch that
dereferences the pointer, and thus would always trigger false positives.

Static analysis is fun!
     1 /*
     2   Simple DirectMedia Layer
     3   Copyright (C) 1997-2014 Sam Lantinga <slouken@libsdl.org>
     4 
     5   This software is provided 'as-is', without any express or implied
     6   warranty.  In no event will the authors be held liable for any damages
     7   arising from the use of this software.
     8 
     9   Permission is granted to anyone to use this software for any purpose,
    10   including commercial applications, and to alter it and redistribute it
    11   freely, subject to the following restrictions:
    12 
    13   1. The origin of this software must not be misrepresented; you must not
    14      claim that you wrote the original software. If you use this software
    15      in a product, an acknowledgment in the product documentation would be
    16      appreciated but is not required.
    17   2. Altered source versions must be plainly marked as such, and must not be
    18      misrepresented as being the original software.
    19   3. This notice may not be removed or altered from any source distribution.
    20 */
    21 
    22 #ifndef _SDL_assert_h
    23 #define _SDL_assert_h
    24 
    25 #include "SDL_config.h"
    26 
    27 #include "begin_code.h"
    28 /* Set up for C function definitions, even when using C++ */
    29 #ifdef __cplusplus
    30 extern "C" {
    31 #endif
    32 
/* Choose a default assertion level unless the build already set one.
   SDL_DEFAULT_ASSERT_LEVEL wins when defined; otherwise a debug-looking
   build (_DEBUG, DEBUG, or GCC without optimization) gets level 2 and
   everything else gets level 1. */
#if !defined(SDL_ASSERT_LEVEL)
#  if defined(SDL_DEFAULT_ASSERT_LEVEL)
#    define SDL_ASSERT_LEVEL SDL_DEFAULT_ASSERT_LEVEL
#  elif (defined(__GNUC__) && !defined(__OPTIMIZE__)) || \
        defined(DEBUG) || defined(_DEBUG)
#    define SDL_ASSERT_LEVEL 2
#  else
#    define SDL_ASSERT_LEVEL 1
#  endif
#endif /* SDL_ASSERT_LEVEL */
    43 
    44 /*
    45 These are macros and not first class functions so that the debugger breaks
    46 on the assertion line and not in some random guts of SDL, and so each
    47 assert can have unique static variables associated with it.
    48 */
    49 
/* SDL_TriggerBreakpoint(): ask the debugger to stop here, using whichever
   mechanism this toolchain provides. */
#ifdef _MSC_VER
    /* Declared by hand: intrin.h contains C++ code, so it is not included. */
    extern void __cdecl __debugbreak(void);
    #define SDL_TriggerBreakpoint() __debugbreak()
#elif defined(__GNUC__) && (defined(__x86_64__) || defined(__i386__))
    #define SDL_TriggerBreakpoint() __asm__ __volatile__ ( "int $3\n\t" )
#elif defined(HAVE_SIGNAL_H)
    #include <signal.h>
    #define SDL_TriggerBreakpoint() raise(SIGTRAP)
#else
    /* No known way to trigger a breakpoint on this platform, so the macro
       expands to nothing. */
    #define SDL_TriggerBreakpoint()
#endif
    63 
/* Source-location helpers: file, line and enclosing function name. */
#define SDL_FILE    __FILE__
#define SDL_LINE    __LINE__
#if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)
#   define SDL_FUNCTION __func__        /* standard as of C99. */
#elif (defined(_MSC_VER) || (__GNUC__ >= 2))
#   define SDL_FUNCTION __FUNCTION__    /* compiler extension. */
#else
#   define SDL_FUNCTION "???"           /* no way to name the function. */
#endif
    73 
/*
A disabled assertion wraps its condition in sizeof. The compiler still parses
and type-checks the expression, so it cannot rot while assertions are off, but
the expression is never evaluated: no code is generated, no side effects
happen and no expensive check runs. All that remains is the constant size of
what the expression WOULD be, which presumably gets optimized out as unused.

Because the condition is not evaluated, nothing the program relies on
(validation of external data, required side effects) may live inside it.

Referencing the expression also avoids "unused variable" complaints for code
such as...

    int somevalue = blah();
    SDL_assert(somevalue == 1);

...when assertions are compiled out.
*/

#if defined(_MSC_VER)  /* works around /W4 warnings. */
#define SDL_NULL_WHILE_LOOP_CONDITION (-1 == __LINE__)
#else
#define SDL_NULL_WHILE_LOOP_CONDITION (0)
#endif

#define SDL_disabled_assert(condition) \
    do { \
        (void) sizeof ((condition)); \
    } while (SDL_NULL_WHILE_LOOP_CONDITION)
    97 
/* How a failed assertion should be handled, as returned by
   SDL_ReportAssertion() and by assertion handlers. */
typedef enum
{
    SDL_ASSERTION_RETRY,         /**< Evaluate the assert again right away. */
    SDL_ASSERTION_BREAK,         /**< Trigger a breakpoint in the debugger. */
    SDL_ASSERTION_ABORT,         /**< Terminate the program. */
    SDL_ASSERTION_IGNORE,        /**< Ignore this failure and carry on. */
    SDL_ASSERTION_ALWAYS_IGNORE  /**< Ignore this assert from now on. */
} SDL_assert_state;
   106 
/* Per-assertion record. Each SDL_enabled_assert() expansion owns one static
   instance; SDL_GetAssertionReport() exposes the records as a linked list.
   Field order matters: the assert macro uses a positional initializer. */
typedef struct SDL_assert_data
{
    int always_ignore;                    /* non-zero: reported as "always ignore". */
    unsigned int trigger_count;           /* how many times this assert triggered. */
    const char *condition;                /* the asserted expression, stringized. */
    const char *filename;                 /* source file of the assertion. */
    int linenum;                          /* source line of the assertion. */
    const char *function;                 /* function containing the assertion. */
    const struct SDL_assert_data *next;   /* next record in the report, or NULL. */
} SDL_assert_data;
   117 
   118 #if (SDL_ASSERT_LEVEL > 0)
   119 
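/* Never call this directly. Use the SDL_assert* macros.

   The analyzer_noreturn attribute below is a hint for Clang's static analyzer
   only: it tells the analyzer that this is a custom assert function, so it
   should assume the asserted condition was true past the SDL_assert test.
   Nothing changes at run time. This function does return, and the
   SDL_assert_state it hands back drives the retry/break/ignore logic in
   SDL_enabled_assert(). Disabled assertion levels never evaluate the
   condition at all. A value that can really be NULL or out of range in a
   shipped build therefore still needs a genuine runtime check; the assertion
   only silences the analyzer's report.

   __has_feature is a Clang extension. It is tested in a nested #if so that
   preprocessors without it never have to parse the call; written as
   "defined(__clang__) && __has_feature(...)" on one line, it is a syntax
   error for them. */
extern DECLSPEC SDL_assert_state SDLCALL SDL_ReportAssertion(SDL_assert_data *,
                                                             const char *,
                                                             const char *, int)
#if defined(__clang__)
#if __has_feature(attribute_analyzer_noreturn)
   __attribute__((analyzer_noreturn))
#endif
#endif
;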
   131 
/* The outer do {} while(0) makes the macro a single statement, which avoids
   the dangling-else problem:
       if (x) SDL_assert(y); else blah();
   ... without it, the "else" could bind to an "if" inside this macro.
   Only the bare minimum lives in the macro: the retry loop, the per-assert
   static record, and the breakpoint, so the debugger stops on the assertion
   line itself. The heavy lifting is done by SDL_ReportAssertion(), in
   SDL_assert.c.
   Any state other than RETRY leaves the loop, so after an "ignore" response
   execution continues past the assertion with the condition still false.
*/
#define SDL_enabled_assert(condition) \
    do { \
        while ( !(condition) ) { \
            static struct SDL_assert_data report_data = { \
                0, 0, #condition, 0, 0, 0, 0 \
            }; \
            const SDL_assert_state verdict = \
                SDL_ReportAssertion(&report_data, SDL_FUNCTION, \
                                    SDL_FILE, SDL_LINE); \
            if (verdict == SDL_ASSERTION_RETRY) { \
                continue; /* test the condition again. */ \
            } \
            if (verdict == SDL_ASSERTION_BREAK) { \
                SDL_TriggerBreakpoint(); \
            } \
            break; /* anything but a retry ends the loop. */ \
        } \
    } while (SDL_NULL_WHILE_LOOP_CONDITION)
   157 
   158 #endif  /* enabled assertions support code */
   159 
/* Map each assertion macro to its enabled or disabled form.
     level 0: everything disabled.
     level 1: release settings, only SDL_assert_release is live.
     level 2: normal settings, SDL_assert and SDL_assert_release are live.
     level 3: paranoid settings, all three are live.
   Any other level is a build error. */
#if (SDL_ASSERT_LEVEL < 0) || (SDL_ASSERT_LEVEL > 3)
#   error Unknown assertion level.
#endif

#if SDL_ASSERT_LEVEL >= 1
#   define SDL_assert_release(condition) SDL_enabled_assert(condition)
#else
#   define SDL_assert_release(condition) SDL_disabled_assert(condition)
#endif

#if SDL_ASSERT_LEVEL >= 2
#   define SDL_assert(condition) SDL_enabled_assert(condition)
#else
#   define SDL_assert(condition) SDL_disabled_assert(condition)
#endif

#if SDL_ASSERT_LEVEL >= 3
#   define SDL_assert_paranoid(condition) SDL_enabled_assert(condition)
#else
#   define SDL_assert_paranoid(condition) SDL_disabled_assert(condition)
#endif

/* this one stays enabled no matter what the level is. */
#define SDL_assert_always(condition) SDL_enabled_assert(condition)
   183 
   184 
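/**
 *  \brief Signature of an application-defined assertion handler.
 *
 *  \param data Record describing the assertion that failed.
 *  \param userdata The pointer given to SDL_SetAssertionHandler(), as-is.
 *
 *  \return SDL_assert_state value of how to handle the assertion failure.
 */
typedef SDL_assert_state (SDLCALL *SDL_AssertionHandler)(
                                 const SDL_assert_data* data, void* userdata);

/**
 *  \brief Set an application-defined assertion handler.
 *
 *  This allows an app to show its own assertion UI and/or force the
 *  response to an assertion failure. If the app doesn't provide this, SDL
 *  will try to do the right thing, popping up a system-specific GUI dialog,
 *  and probably minimizing any fullscreen windows.
 *
 *  This callback may fire from any thread, but it runs wrapped in a mutex, so
 *  it will only fire from one thread at a time.
 *
 *  Setting the callback to NULL restores SDL's original internal handler.
 *
 *  This callback is NOT reset to SDL's internal handler upon SDL_Quit()!
 *
 *  This function itself returns nothing; the SDL_assert_state that decides
 *  how a failure is handled is the return value of the callback. A callback
 *  that answers with one of the ignore states lets the program continue past
 *  the failed condition.
 *
 *  \param handler Callback function, called when an assertion fails.
 *  \param userdata A pointer passed to the callback as-is.
 */
extern DECLSPEC void SDLCALL SDL_SetAssertionHandler(
                                            SDL_AssertionHandler handler,
                                            void *userdata);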
   211 
/**
 *  \brief Get the default assertion handler.
 *
 *  The returned function pointer is SDL's own internal handler, the one
 *  invoked for a triggered assertion whenever SDL_SetAssertionHandler() has
 *  not been used to install a different function.
 *
 *  \return The default SDL_AssertionHandler that is called when an assert
 *          triggers.
 */
extern DECLSPEC SDL_AssertionHandler SDLCALL
SDL_GetDefaultAssertionHandler(void);
   223 
/**
 *  \brief Get the current assertion handler.
 *
 *  The returned function pointer is whatever is called when an assertion
 *  triggers: the value last passed to SDL_SetAssertionHandler(), or, when no
 *  application-specified function is set, the same thing
 *  SDL_GetDefaultAssertionHandler() returns.
 *
 *  \param puserdata Pointer to a void*, which receives the "userdata"
 *                   pointer that was passed to SDL_SetAssertionHandler().
 *                   It is always set to NULL for the default handler.
 *                   Passing a NULL pointer here is safe if you do not care
 *                   about this data.
 *  \return The SDL_AssertionHandler that is called when an assert triggers.
 */
extern DECLSPEC SDL_AssertionHandler SDLCALL
SDL_GetAssertionHandler(void **puserdata);
   240 
/**
 *  \brief Get a list of all assertion failures.
 *
 *  The list covers every assertion triggered since the last call to
 *  SDL_ResetAssertionReport(), or since the start of the program.
 *
 *  Walk the list through the "next" pointers until it is NULL, for example:
 *
 *  <code>
 *  const SDL_assert_data *item = SDL_GetAssertionReport();
 *  while (item) {
 *      printf("'%s', %s (%s:%d), triggered %u times, always ignore: %s.\n",
 *             item->condition, item->function, item->filename,
 *             item->linenum, item->trigger_count,
 *             item->always_ignore ? "yes" : "no");
 *      item = item->next;
 *  }
 *  </code>
 *
 *  \return List of all assertions.
 *  \sa SDL_ResetAssertionReport
 */
extern DECLSPEC const SDL_assert_data * SDLCALL
SDL_GetAssertionReport(void);
   264 
/**
 *  \brief Reset the list of all assertion failures.
 *
 *  Clears the list of triggered assertions that SDL_GetAssertionReport()
 *  returns.
 *
 *  \sa SDL_GetAssertionReport
 */
extern DECLSPEC void SDLCALL
SDL_ResetAssertionReport(void);
   273 
   274 /* Ends C function definitions when using C++ */
   275 #ifdef __cplusplus
   276 }
   277 #endif
   278 #include "close_code.h"
   279 
   280 #endif /* _SDL_assert_h */
   281 
   282 /* vi: set ts=4 sw=4 expandtab: */