[PATCH 15/20] chainimpl.h: Add _Assert() to _Chain_Initialize_empty()
Peter Dufault (dufault at hda.com)
Wed Nov 26 17:32:15 UTC 2014

> On Nov 26, 2014, at 11:40 , Gedare Bloom <gedare at rtems.org> wrote:
> 
> What is the difference between the previous two variants? Would you
> expect to optimize out "Assert_known" in all production code?
> 
"Assert_known_not_NULL" implies that either someone broke the code (the known assertion no longer applies due to a new bug) or that there is memory corruption (a previously asserted non-NULL pointer is now NULL). This should never be optimized away - you want to know that this has happened, something is really, really wrong.

"Assert_not_NULL" implies laziness (or expedience?) in production code. The call chain down to the asserting function hasn't been analyzed to know that a passed-in pointer is not NULL, and all you want to do today is shut down if the passed-in pointer is NULL.

Both situations require a fail-safe shutdown, but you want to know that the first happened. The second can be handled in an exception by de-referencing low memory; the first needs to be treated more seriously.

They should be handled differently because the first is so much worse than the second.

Peter
-----------------
Peter Dufault
HD Associates, Inc.      Software and System Engineering