Add option to force assertions to always abort#4677
Add option to force assertions to always abort#4677celskeggs wants to merge 3 commits intonasa:develfrom
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| s_assertHook->doAssert(); | ||
| } | ||
| return 0; | ||
| #if FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
| I8 SwAssert(FILE_NAME_ARG file, FwSizeType lineNo) { | ||
| return defaultSwAssert(file, lineNo, 0, 0, 0, 0, 0, 0, 0); | ||
| defaultSwAssert(file, lineNo, 0, 0, 0, 0, 0, 0, 0); | ||
| #if !FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
| I8 SwAssert(FILE_NAME_ARG file, FwAssertArgType arg1, FwSizeType lineNo) { | ||
| return defaultSwAssert(file, lineNo, 1, arg1, 0, 0, 0, 0, 0); | ||
| defaultSwAssert(file, lineNo, 1, arg1, 0, 0, 0, 0, 0); | ||
| #if !FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
| I8 SwAssert(FILE_NAME_ARG file, FwAssertArgType arg1, FwAssertArgType arg2, FwSizeType lineNo) { | ||
| return defaultSwAssert(file, lineNo, 2, arg1, arg2, 0, 0, 0, 0); | ||
| defaultSwAssert(file, lineNo, 2, arg1, arg2, 0, 0, 0, 0); | ||
| #if !FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
| I8 SwAssert(FILE_NAME_ARG file, FwAssertArgType arg1, FwAssertArgType arg2, FwAssertArgType arg3, FwSizeType lineNo) { | ||
| return defaultSwAssert(file, lineNo, 3, arg1, arg2, arg3, 0, 0, 0); | ||
| defaultSwAssert(file, lineNo, 3, arg1, arg2, arg3, 0, 0, 0); | ||
| #if !FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
| FwSizeType lineNo) { | ||
| return defaultSwAssert(file, lineNo, 4, arg1, arg2, arg3, arg4, 0, 0); | ||
| defaultSwAssert(file, lineNo, 4, arg1, arg2, arg3, arg4, 0, 0); | ||
| #if !FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
| FwSizeType lineNo) { | ||
| return defaultSwAssert(file, lineNo, 5, arg1, arg2, arg3, arg4, arg5, 0); | ||
| defaultSwAssert(file, lineNo, 5, arg1, arg2, arg3, arg4, arg5, 0); | ||
| #if !FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
| FwSizeType lineNo) { | ||
| return defaultSwAssert(file, lineNo, 6, arg1, arg2, arg3, arg4, arg5, arg6); | ||
| defaultSwAssert(file, lineNo, 6, arg1, arg2, arg3, arg4, arg5, arg6); | ||
| #if !FW_ASSERTIONS_ALWAYS_ABORT |
Check notice
Code scanning / CodeQL
Conditional compilation Note
There was a problem hiding this comment.
CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
| FwAssertArgType arg4, | ||
| FwAssertArgType arg5, | ||
| FwAssertArgType arg6) { | ||
| FW_ASSERT_NORETURN void defaultSwAssert(FILE_NAME_ARG file, |
Check notice
Code scanning / CodeQL
Function too long Note
1 participant
Change Description
Add an option to let projects decide whether the framework should force assertions to always abort.
If enabled, this option allows prevents code from running after an assertion trips. This enables additional compiler optimizations.
If disabled, this option allows the FATAL event handler to decide whether code should continue running after an assertion trips. This is the default and is consistent with the existing assertion behavior in F Prime. Therefore, users should not observe any change in behavior unless they make the decision to change the configuration.
Rationale
When assertions have the possibility of returning, the compiler needs to generate code for that case. This code can in some cases be complex enough to prevent inlining of otherwise short functions when under
-Os. This can result in increased code size and performance degradation.The existing default behavior is important for projects that need the ability to disable abort-on-FATAL and abort-on-ASSERT at runtime. However, just because this behavior is needed for some projects, does not mean it should be required for all projects.
While the ability to provide alternative assertion hooks is valuable, it is insufficient, as it is often not possible for the compiler to predict the assertion hook that will be used at compile time. The compiler needs to be confident that
Fw::SwAssertcannot return at the point of each use.Testing/Review Recommendations
Please consider whether the newly introduced option has the right name and description.
Future Work
None in particular.
AI Usage (see policy)
Not used.