
Re: [Xen-devel] [PATCH for-next] CODING_STYLE: Document how to handle unexpected conditions



>>> George Dunlap <george.dunlap@xxxxxxxxxx> 03/01/19 6:39 PM >>>
>On 3/1/19 5:12 PM, Jan Beulich wrote:
>>>>> George Dunlap <george.dunlap@xxxxxxxxxx> 02/28/19 7:50 PM >>>
>>> +* Programmers can use ASSERT(), which will cause the check to be
>>> +executed in DEBUG builds, and cause the hypervisor to crash if it's
>>> +violated
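Review bot: The ASSERT() bullet only describes DEBUG builds ("executed in DEBUG builds, and cause the hypervisor to crash") and leaves the non-DEBUG case implicit. Since the document is about choosing what a production hypervisor should do, the bullet should say whether the check is executed in non-DEBUG builds and, if it is not, that the code after the ASSERT() must still behave acceptably when the condition is false.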
>> 
>> Is it perhaps worth calling out explicitly that the supposed crash may occur
>> much later, in a different context, and hence be perhaps rather difficult to
>> analyze/debug?
>
>Sorry, I don't quite understand this -- when you trigger an ASSERT() it
>crashes right away last time I checked.  Did you mean instead to reply
>to the ASSERT() section of the GUIDELINES, which says you can use ASSERT
>if it may have an effect later whose badness is equal to or less than a
>host crash?

I did indeed pick the wrong context for my reply, and had meant that
other place instead.


>It also occurs to me that ASSERT()s are really orthogonal to the other
>three: At each point, you should consider whether in a production
>hypervisor you should 1) do nothing, 2) return an error, 3) crash the
>domain, or 4) crash the hypervisor; and in the case of 1-3, you might
>also want to add an ASSERT to move the detection of unexpected state
>closer to the point where it happens.

Agreed.

Jan




_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
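
The approach in the quoted paragraph above (choose the production behaviour first, then add an assertion so debug builds catch the state where it arises), as an added C example that is not code from this thread or from Xen. `EX_ASSERT`, `EX_DEBUG`, `struct ex_domain` and `ex_queue_push` are hypothetical names, and the queue is a constructed scenario.

```c
/* Added illustration, not Xen code: EX_ASSERT, EX_DEBUG, struct ex_domain
 * and ex_queue_push are hypothetical stand-ins. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

#ifdef EX_DEBUG   /* debug build: stop where the bad state is first seen */
#define EX_ASSERT(c) do { if (!(c)) { \
    fprintf(stderr, "assertion '%s' failed, line %d\n", #c, __LINE__); \
    abort(); } } while (0)
#else             /* production build: the check is compiled out */
#define EX_ASSERT(c) ((void)0)
#endif

#define EX_QUEUE_SLOTS 4

struct ex_domain {
    bool crashed;               /* "crash the domain": only this guest stops */
    unsigned int used;          /* invariant: used <= EX_QUEUE_SLOTS */
    int slot[EX_QUEUE_SLOTS];
};

/* Queue a value for a guest. Returns 0, -ENOSPC or -EINVAL. */
int ex_queue_push(struct ex_domain *d, int v)
{
    bool sane = d->used <= EX_QUEUE_SLOTS;

    if (d->crashed)
        return -EINVAL;

    EX_ASSERT(sane);            /* debug builds stop here, at the detection point */
    if (!sane) {                /* production builds contain it to this domain */
        d->crashed = true;
        return -EINVAL;
    }

    if (d->used == EX_QUEUE_SLOTS)
        return -ENOSPC;         /* expected condition: plain error return */

    d->slot[d->used++] = v;
    return 0;
}

int main(void)
{
    struct ex_domain d = { .used = 7 };   /* constructed corrupt state */
    int rc = ex_queue_push(&d, 1);
    printf("rc=%d crashed=%d\n", rc, d.crashed);
    return 0;
}
```

Compiling with `-DEX_DEBUG` turns the same corrupt state into an immediate abort at the assertion instead of an error return.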

 

