[Swan-dev] lsw_abort => passert
D. Hugh Redelmeier
hugh at mimosa.com
Mon Mar 20 02:47:04 UTC 2017
| From: Andrew Cagney <andrew.cagney at gmail.com>
| > Did you check that the very early calls to lsw_abort can safely be
| > replaced by passerts? These are the ones in plutomain.c. (I have
| > not.) Logging may not be initialized.
What I meant: they were JUST calls to abort. In FreeS/WAN.
| Only in the sense that I ran the testsuite.
That will never cause those asserts to fire:

	passert(open("/dev/null", O_RDONLY) == 0);
	passert(dup2(0, 1) == 1);
	passert(log_to_stderr || dup2(0, 2) == 2);

Those only fire when something is seriously wrong with the environment.
| final_breath = TRUE;
s/final_breath/dying_breath/
================
passert is modelled on assert(3). It could be a macro that does
nothing (not even evaluating its argument). So depending on a
side-effect of argument evaluation is a no-no.
I'd say that the original FreeS/WAN code is better than all its
successors:

	if (open("/dev/null", O_RDONLY) != 0)
		abort();
	if (dup2(0, 1) != 1)
		abort();
	if (!log_to_stderr && dup2(0, 2) != 2)
		abort();

Since these cannot fail in a normal environment, it is good to not
depend on much of the environment when failure is detected (passert
does, lsw_abort does, abort does not).
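
Added example, not part of the original message or of libreswan's code: a C sketch of the point above about depending on a side effect inside an assert-style macro. CHECK_ON, CHECK_OFF and redirect_happened are hypothetical names; the two macros stand in for an assert-like macro with checking compiled in and compiled out.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical assert-style macro in its two build modes; assert(3)
 * likewise expands to ((void)0) when NDEBUG is defined. */
#define CHECK_ON(e)  ((e) ? (void)0 : abort())
#define CHECK_OFF(e) ((void)0)   /* argument is never evaluated */

enum style { IN_CHECK_ON, IN_CHECK_OFF, EXPLICIT_IF };

/* Redirect dst to src, with the dup2() call placed per the given style. */
static void redirect(enum style s, int src, int dst)
{
    switch (s) {
    case IN_CHECK_ON:
        CHECK_ON(dup2(src, dst) == dst);
        break;
    case IN_CHECK_OFF:
        CHECK_OFF(dup2(src, dst) == dst);   /* dup2 silently vanishes */
        break;
    case EXPLICIT_IF:
        if (dup2(src, dst) != dst)  /* work always runs; failure path needs only abort() */
            abort();
        break;
    }
}

/* Returns 1 if the redirection actually took place, 0 if it did not. */
int redirect_happened(enum style s)
{
    int src = open("/dev/null", O_RDONLY);
    int dst = open("/dev/null", O_RDONLY);
    if (src < 0 || dst < 0)
        abort();
    close(dst);                 /* dst is now a known-free descriptor number */
    redirect(s, src, dst);
    int is_open = fcntl(dst, F_GETFD) != -1;
    if (is_open)
        close(dst);
    close(src);
    return is_open;
}

int main(void)
{
    printf("check on: %d, check off: %d, explicit if: %d\n",
           redirect_happened(IN_CHECK_ON), redirect_happened(IN_CHECK_OFF),
           redirect_happened(EXPLICIT_IF));
    return 0;
}
```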