commit 532820b11c9d0566b45b3dd19f01cf3e16d984ef Author: Nick Mathewson nickm@torproject.org Date: Tue Apr 12 10:10:44 2016 -0400

Add a BUG macro for usage in if checks. --- src/common/util_bug.c | 3 ++- src/common/util_bug.h | 14 ++++++++++++++ src/or/connection.c | 6 ++---- 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/src/common/util_bug.c b/src/common/util_bug.c index 606c665..e3e1d6d 100644 --- a/src/common/util_bug.c +++ b/src/common/util_bug.c @@ -26,7 +26,7 @@ tor_assertion_failed_(const char *fname, unsigned int line, log_backtrace(LOG_ERR, LD_BUG, buf); }

- +/** Helper for tor_assert_nonfatal: report the assertion failure. */ void tor_bug_occurred_(const char *fname, unsigned int line, const char *func, const char *expr, @@ -50,3 +50,4 @@ tor_bug_occurred_(const char *fname, unsigned int line, } log_backtrace(LOG_WARN, LD_BUG, buf); } + diff --git a/src/common/util_bug.h b/src/common/util_bug.h index ce54266..a5f78f2 100644 --- a/src/common/util_bug.h +++ b/src/common/util_bug.h @@ -51,6 +51,11 @@ /* Non-fatal bug assertions. The "unreached" variants mean "this line should * never be reached." The "once" variants mean "Don't log a warning more than * once". + * + * The 'BUG' macro checks a boolean condition and logs an error message if it + * is true. Example usage: + * if (BUG(x == NULL)) + * return -1; */

#ifdef ALL_BUGS_ARE_FATAL @@ -58,11 +63,16 @@ #define tor_assert_nonfatal(cond) tor_assert((cond)) #define tor_assert_nonfatal_unreached_once() tor_assert(0) #define tor_assert_nonfatal_once(cond) tor_assert((cond)) +#define BUG(cond) \ + ((cond) ? \ + (tor_assertion_failed_(SHORT_FILE__,__LINE__,__func__,#cond), abort(), 1) \ + : 0) #elif defined(TOR_UNIT_TESTS) && defined(DISABLE_ASSERTS_IN_UNIT_TESTS) #define tor_assert_nonfatal_unreached() STMT_NIL #define tor_assert_nonfatal(cond) ((void)(cond)) #define tor_assert_nonfatal_unreached_once() STMT_NIL #define tor_assert_nonfatal_once(cond) ((void)(cond)) +#define BUG(cond) ((cond) ? 1 : 0) #else /* Normal case, !ALL_BUGS_ARE_FATAL, !DISABLE_ASSERTS_IN_UNIT_TESTS */ #define tor_assert_nonfatal_unreached() STMT_BEGIN \ tor_bug_occurred_(SHORT_FILE__, __LINE__, __func__, NULL, 0); \ @@ -86,6 +96,10 @@ tor_bug_occurred_(SHORT_FILE__, __LINE__, __func__, #cond, 1); \ } \ STMT_END +#define BUG(cond) \ + ((cond) ? \ + (tor_bug_occurred_(SHORT_FILE__,__LINE__,__func__,#cond,0), 1) \ + : 0) #endif

/** Define this if you want Tor to crash when any problem comes up, diff --git a/src/or/connection.c b/src/or/connection.c index 78178f9..1bd1a92 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -665,9 +665,7 @@ connection_free,(connection_t *conn)) return; tor_assert(!connection_is_on_closeable_list(conn)); tor_assert(!connection_in_array(conn)); - if (conn->linked_conn) { - log_err(LD_BUG, "Called with conn->linked_conn still set."); - tor_fragile_assert(); + if (BUG(conn->linked_conn)) { conn->linked_conn->linked_conn = NULL; if (! conn->linked_conn->marked_for_close && conn->linked_conn->reading_from_linked_conn) @@ -3644,7 +3642,7 @@ connection_read_to_buf(connection_t *conn, ssize_t *max_to_read, * take us over our read allotment, but really we shouldn't be * believing that SSL bytes are the same as TCP bytes anyway. */ int r2 = read_to_buf_tls(or_conn->tls, pending, conn->inbuf); - if (r2<0) { + if (BUG(r2<0)) { log_warn(LD_BUG, "apparently, reading pending bytes can fail."); return -1; }