xref: /freebsd/sys/sys/kassert.h (revision afd096326aad1a672fd5f39b9b05c433fa7fe7dc)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1999 Eivind Eklund <eivind@FreeBSD.org>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 3. Neither the name of the University nor the names of its contributors
15  *    may be used to endorse or promote products derived from this software
16  *    without specific prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
19  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28  * SUCH DAMAGE.
29  */
30 
31 #ifndef _SYS_KASSERT_H_
32 #define	_SYS_KASSERT_H_
33 
34 #include <sys/cdefs.h>
35 
36 #ifdef _KERNEL
/*
 * panicstr holds the panic message.  KERNEL_PANICKED() is true when it is
 * non-NULL; __predict_false() hints that this is the unlikely case.
 */
37 extern const char *panicstr;	/* panic message */
38 #define	KERNEL_PANICKED()	__predict_false(panicstr != NULL)
39 
40 /*
41  * Trap accesses going through a pointer.
42  *
43  * Sample usage: you have a struct with numerous fields and by API contract
44  * only some of them get populated, even if the implementation temporarily
45  * writes to them. You can use DEBUG_POISON_POINTER so that the consumer which
46  * should not be looking at the field gets caught.
47  *
48  * DEBUG_POISON_POINTER(obj->ptr);
49  * ....
50  * if (obj->ptr->field) // traps
 *
 * The poisoning only happens when the kernel is built with INVARIANTS;
 * otherwise DEBUG_POISON_POINTER() expands to nothing and the pointer keeps
 * whatever value it had.  Treat it as a debugging aid for catching contract
 * violations, not as a way to invalidate a pointer in production kernels.
 *
 * NOTE(review): the trap relies on poisoned_buf (defined elsewhere) pointing
 * at memory that faults on access -- confirm against its definition.
51  */
52 #ifdef	INVARIANTS
53 
54 extern caddr_t poisoned_buf;
55 #define DEBUG_POISON_POINTER_VALUE poisoned_buf
56 
57 #define DEBUG_POISON_POINTER(x) ({				\
58 	x = (void *)(DEBUG_POISON_POINTER_VALUE);		\
59 })
60 
61 #else
62 #define DEBUG_POISON_POINTER(x)
63 #endif
64 
65 #ifdef	INVARIANTS		/* The option is always available */
/*
 * VNASSERT(exp, vp, msg): if exp is false, print the failed expression and
 * its file/line/function through vn_printf() on vp, then call kassert_panic
 * with msg.  msg is pasted directly after kassert_panic, so it must be a
 * parenthesized printf-style argument list, e.g. ("bad state %d", state).
 * Variable text belongs in the arguments, not in the format string.
 * NOTE(review): vp is presumably a vnode pointer -- confirm against
 * vn_printf()'s prototype, which is not in this header.
 */
66 #define	VNASSERT(exp, vp, msg) do {					\
67 	if (__predict_false(!(exp))) {					\
68 		vn_printf(vp, "VNASSERT failed: %s not true at %s:%d (%s)\n",\
69 		   #exp, __FILE__, __LINE__, __func__);	 		\
70 		kassert_panic msg;					\
71 	}								\
72 } while (0)
/*
 * MPASSERT(exp, mp, msg): if exp is false, print the mp pointer value (%p),
 * the failed expression and its file/line/function with printf(), then call
 * kassert_panic with msg.  As with VNASSERT, msg must be a parenthesized
 * printf-style argument list.
 */
73 #define	MPASSERT(exp, mp, msg) do {					\
74 	if (__predict_false(!(exp))) {					\
75 		printf("MPASSERT mp %p failed: %s not true at %s:%d (%s)\n",\
76 		    (mp), #exp, __FILE__, __LINE__, __func__);		\
77 		kassert_panic msg;					\
78 	}								\
79 } while (0)
/*
 * VNPASS(exp, vp): VNASSERT with a generated message built from the text of
 * the condition and the call site.  The condition is stringified into _exp
 * here, presumably so the message shows it as the caller wrote it.
 */
80 #define	VNPASS(exp, vp)	do {						\
81 	const char *_exp = #exp;					\
82 	VNASSERT(exp, vp, ("condition %s not met at %s:%d (%s)",	\
83 	    _exp, __FILE__, __LINE__, __func__));			\
84 } while (0)
/*
 * MPPASS(exp, mp): MPASSERT with a generated message built from the text of
 * the condition and the call site; the counterpart of VNPASS for mp.
 */
85 #define	MPPASS(exp, mp)	do {						\
86 	const char *_exp = #exp;					\
87 	MPASSERT(exp, mp, ("condition %s not met at %s:%d (%s)",	\
88 	    _exp, __FILE__, __LINE__, __func__));			\
89 } while (0)
/*
 * INVARIANTS build: reaching a segment marked unreachable panics with the
 * file, line and function of the marker.
 */
90 #define	__assert_unreachable() \
91 	panic("executing segment marked as unreachable at %s:%d (%s)\n", \
92 	    __FILE__, __LINE__, __func__)
93 #else	/* INVARIANTS */
/*
 * Without INVARIANTS the assertion macros expand to empty statements.  The
 * condition is not evaluated at all, so it must not have side effects, and
 * these macros must never be the only check on a value that can be
 * influenced from outside the kernel: validate such input with code that is
 * always compiled in and returns an error.
 *
 * __assert_unreachable() becomes __unreachable() here.
 * NOTE(review): __unreachable() comes from <sys/cdefs.h> and is presumably a
 * compiler "unreachable" hint; if so, reaching the marker in a production
 * kernel is undefined behaviour rather than a panic -- confirm.
 */
94 #define	VNASSERT(exp, vp, msg) do { \
95 } while (0)
96 #define	MPASSERT(exp, mp, msg) do { \
97 } while (0)
98 #define	VNPASS(exp, vp) do { \
99 } while (0)
100 #define	MPPASS(exp, mp) do { \
101 } while (0)
102 #define	__assert_unreachable()	__unreachable()
103 #endif	/* INVARIANTS */
104 
/*
 * Compile-time assertion: expands to _Static_assert, so a false x fails the
 * build.  It is defined whenever _KERNEL is, independent of INVARIANTS.
 */
105 #ifndef CTASSERT	/* Allow lint to override */
106 #define	CTASSERT(x)	_Static_assert(x, "compile-time assertion failed")
107 #endif
108 
109 /*
110  * These functions need to be declared before the KASSERT macro is invoked in
111  * !KASSERT_PANIC_OPTIONAL builds, so their declarations are sort of out of
112  * place compared to other function definitions in this header.  On the other
113  * hand, this header is a bit disorganized anyway.
 *
 * Both take a printf-style format as their first argument; __printflike lets
 * the compiler check the format (and, for panic(), the arguments).  Pass a
 * literal format and supply variable text as an argument ("%s"), never as
 * the format itself.
114  */
115 void	panic(const char *, ...) __dead2 __printflike(1, 2);
116 void	vpanic(const char *, __va_list) __dead2 __printflike(1, 0);
117 #endif	/* _KERNEL */
118 
/*
 * Select what a failed assertion calls:
 *  - _STANDALONE (boot loader): printf(), so the message is printed and
 *    execution continues past the failed assertion;
 *  - WITNESS or INVARIANT_SUPPORT with KASSERT_PANIC_OPTIONAL: a
 *    kassert_panic() function declared here and defined elsewhere;
 *  - WITNESS or INVARIANT_SUPPORT otherwise: an alias for panic().
 * With none of these defined, this header does not provide kassert_panic.
 */
119 #if defined(_STANDALONE)
120 /*
121  * Until we have more experience with KASSERTS that are called
122  * from the boot loader, they are off. The bootloader does this
123  * a little differently than the kernel (we just call printf at the
124  * moment).  We avoid most of the common functions in the boot loader, so
125  * declare printf() here too.
126  */
127 int	printf(const char *, ...) __printflike(1, 2);
128 #  define kassert_panic printf
129 #else /* !_STANDALONE */
130 #  if defined(WITNESS) || defined(INVARIANT_SUPPORT)
131 #    ifdef KASSERT_PANIC_OPTIONAL
132 void	kassert_panic(const char *fmt, ...)  __printflike(1, 2);
133 #    else
134 #      define kassert_panic	panic
135 #    endif /* KASSERT_PANIC_OPTIONAL */
136 #  endif /* defined(WITNESS) || defined(INVARIANT_SUPPORT) */
137 #endif /* _STANDALONE */
138 
139 /*
140  * Kernel assertion; see KASSERT(9) for details.
 *
 * msg is pasted directly after kassert_panic, so it must be a parenthesized
 * printf-style argument list: KASSERT(n > 0, ("bad n %d", n)).
 *
 * The check exists only in INVARIANTS kernels and in _STANDALONE builds.
 * Everywhere else KASSERT expands to an empty statement and exp is not
 * evaluated, so exp must not have side effects and KASSERT must not be the
 * only validation of data that can be influenced from outside the kernel.
 * In _STANDALONE builds kassert_panic is printf(), so a failed assertion is
 * reported but execution continues.
141  */
142 #if (defined(_KERNEL) && defined(INVARIANTS)) || defined(_STANDALONE)
143 #define	KASSERT(exp,msg) do {						\
144 	if (__predict_false(!(exp)))					\
145 		kassert_panic msg;					\
146 } while (0)
147 #else /* !(KERNEL && INVARIANTS) && !_STANDALONE */
148 #define	KASSERT(exp,msg) do { \
149 } while (0)
150 #endif /* (_KERNEL && INVARIANTS) || _STANDALONE */
151 
152 #ifdef _KERNEL
153 /*
154  * Macros for generating panic messages based on the exact condition text.
155  *
156  * NOTE: Use these with care, as the resulting message might omit key
157  * information required to understand the assertion failure. Consult the
158  * MPASS(9) man page for guidance.
 *
 * MPASS and MPASS3 report the stringified condition; MPASS2 reports the
 * caller-supplied string "what" instead.  MPASS3 and MPASS4 take the file
 * and line from the caller.  All four expand to KASSERT, so they are
 * compiled out, and the condition is not evaluated, wherever KASSERT is.
159  */
160 #define MPASS(ex)		MPASS4(ex, #ex, __FILE__, __LINE__)
161 #define MPASS2(ex, what)	MPASS4(ex, what, __FILE__, __LINE__)
162 #define MPASS3(ex, file, line)	MPASS4(ex, #ex, file, line)
163 #define MPASS4(ex, what, file, line)					\
164 	KASSERT((ex), ("Assertion %s failed at %s:%d", what, file, line))
165 
166 /*
167  * Assert that a pointer can be loaded from memory atomically.
168  *
169  * This assertion enforces stronger alignment than necessary.  For example,
170  * on some architectures, atomicity for unaligned loads will depend on
171  * whether or not the load spans multiple cache lines.
 *
 * Concretely, it checks that var has the size of a pointer and that its
 * address is a multiple of sizeof(void *).  var must be an lvalue because
 * its address is taken.  The check goes through KASSERT, so it is only
 * performed where KASSERT is enabled.
172  */
173 #define	ASSERT_ATOMIC_LOAD_PTR(var, msg)				\
174 	KASSERT(sizeof(var) == sizeof(void *) &&			\
175 	    ((uintptr_t)&(var) & (sizeof(void *) - 1)) == 0, msg)
176 /*
177  * Assert that a thread is in a critical(9) section, i.e. that
 * td->td_critnest is at least 1.  The check goes through KASSERT, so it is
 * only performed where KASSERT is enabled.
178  */
179 #define	CRITICAL_ASSERT(td)						\
180 	KASSERT((td)->td_critnest >= 1, ("Not in critical section"))
181 
182 #endif /* _KERNEL */
183 
184 #endif	/* _SYS_KASSERT_H_ */
185