From patchwork Wed Apr 16 16:42:58 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Mike Holmes X-Patchwork-Id: 28499 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-yk0-f198.google.com (mail-yk0-f198.google.com [209.85.160.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id DAA5E2036A for ; Wed, 16 Apr 2014 16:44:45 +0000 (UTC) Received: by mail-yk0-f198.google.com with SMTP id 9sf24651867ykp.9 for ; Wed, 16 Apr 2014 09:44:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:mime-version:subject:precedence:list-id:list-unsubscribe :list-archive:list-post:list-help:list-subscribe:errors-to:sender :x-original-sender:x-original-authentication-results:mailing-list :content-type:content-transfer-encoding; bh=komf57DPz518ObWCtrE/4e4Li5Zcn/J6Oyd0QCYY4bk=; b=LakzbfDiOEpUkZ/ofvff3X073fscNa0ehhCug8VSAMIaEzhzizoCeSwrjHtA5Xuulm 2DHoSzrHSFpw2VMSLaQgmBO0FPIyPGLPoTI59KUIFaURQ252oEiHsBzrzyH5cO8+ag5J tv4XDPsBNIWPJGJaVdEXyMuB/MBzU9/p+Y1RqRSogMxdExx1OStcu1ordcBADPV2/1xF TMEhcVPv7czx/sZAGT5Gx6NCRxa2jKYrwtL6rDnD1eT7QsX28m7YgYMtLbfJhdt+AnGI 2u7LgmBov8ochMYTNKUcEWQDp/Bn7xE89epQlNFSBAX26Dcebm8FZk4fIsDmUjdX44yg aloA== X-Gm-Message-State: ALoCoQmt/J/UFKDifV44HbF3TmMIHy1jSRe1im+1jbEv/X7R2sXnn6HaNHgSj4jX3hJnZUQ8DaTG X-Received: by 10.52.163.82 with SMTP id yg18mr2123393vdb.3.1397666685582; Wed, 16 Apr 2014 09:44:45 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.97.8 with SMTP id l8ls739180qge.27.gmail; Wed, 16 Apr 2014 09:44:45 -0700 (PDT) X-Received: by 10.220.10.2 with SMTP id n2mr2357909vcn.26.1397666685356; Wed, 16 Apr 2014 09:44:45 -0700 (PDT) Received: from mail-vc0-f174.google.com (mail-vc0-f174.google.com [209.85.220.174]) by mx.google.com with ESMTPS id sw4si3948565vdc.156.2014.04.16.09.44.45 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 16 Apr 2014 09:44:45 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.220.174 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) client-ip=209.85.220.174; Received: by mail-vc0-f174.google.com with SMTP id ld13so10843542vcb.19 for ; Wed, 16 Apr 2014 09:44:45 -0700 (PDT) X-Received: by 10.58.90.99 with SMTP id bv3mr1014885veb.34.1397666685279; Wed, 16 Apr 2014 09:44:45 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.220.221.72 with SMTP id ib8csp326732vcb; Wed, 16 Apr 2014 09:44:44 -0700 (PDT) X-Received: by 10.224.65.194 with SMTP id k2mr4432550qai.59.1397666684729; Wed, 16 Apr 2014 09:44:44 -0700 (PDT) Received: from ip-10-141-164-156.ec2.internal (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTPS id h5si9351988qas.165.2014.04.16.09.44.44 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 16 Apr 2014 09:44:44 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Received: from localhost ([127.0.0.1] helo=ip-10-141-164-156.ec2.internal) by ip-10-141-164-156.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1WaSwq-0004i6-Ux; Wed, 16 Apr 2014 16:44:32 +0000 Received: from mail-qa0-f48.google.com ([209.85.216.48]) by ip-10-141-164-156.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1WaSwd-0004h2-HZ for lng-odp@lists.linaro.org; Wed, 16 Apr 2014 16:44:19 +0000 Received: by mail-qa0-f48.google.com with SMTP id s7so10378996qap.35 for ; Wed, 16 Apr 2014 09:44:25 -0700 (PDT) X-Received: by 10.224.131.67 with SMTP id w3mr6372937qas.32.1397666664846; Wed, 16 Apr 2014 09:44:24 -0700 (PDT) Received: from fedora1.holmesfamily.ws (c-98-221-136-245.hsd1.nj.comcast.net. [98.221.136.245]) by mx.google.com with ESMTPSA id i5sm44371055qab.0.2014.04.16.09.44.24 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 16 Apr 2014 09:44:24 -0700 (PDT) From: Mike Holmes To: lng-odp@lists.linaro.org Date: Wed, 16 Apr 2014 12:42:58 -0400 Message-Id: <1397666579-9600-2-git-send-email-mike.holmes@linaro.org> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1397666579-9600-1-git-send-email-mike.holmes@linaro.org> References: <1397666579-9600-1-git-send-email-mike.holmes@linaro.org> MIME-Version: 1.0 Subject: [lng-odp] [PATCH v4 1/2] exception handling X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: lng-odp-bounces@lists.linaro.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: mike.holmes@linaro.org X-Original-Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.220.174 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Signed-off-by: Mike Holmes --- exception_handling.dox | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 exception_handling.dox diff --git a/exception_handling.dox b/exception_handling.dox new file mode 100644 index 0000000..d99d5a0 --- /dev/null +++ b/exception_handling.dox @@ -0,0 +1,95 @@ +/* Copyright (c) 2013, Linaro Limited + * All rights reserved + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/** +@page exception_handling Exception handling in the ODP API +@tableofcontents + +For the implimentation of the exception handling please see @ref odp_debug.h + +@section requirements Requirements +- Minimal overhead in a finished running system. +- Minimizing the propagation of an error from its point of origin +- Identifying what is a programming error +- Identifying a legitimate infield exception +- We only specify what happens inside the ODP library, not in a calling application + +There are two kinds of exceptional behaviour, +-# Run time exceptions, those that are unusual but foreseeable cases in a running system (out of memory) +-# Programming exceptions, those introduced as bugs (null pointers, out of bounds). + +@section run_time Run time exceptions +These are characterized by the following rules in order of importance +-# These must gracefully leave the system in a known stable state. +-# These checks must remain unconditionally in the code base. +-# These should return the error state to the caller. +-# They may emit an error message via \ref ODP_ERR which can be redefined or disabled. + +@subsection run_time_examples Examples +- Being "too late" to cancel a timer that's already popped, or exceeding some implementation-defined limit +- Backpressure due to resource limits (corner case that is error-prone) +- Checks for any condition that could arise in the field, e.g. running out of buffers or failure to allocate memory +@code + +if (unrecoverable_out_of_foos == 1) +{ + ODP_ERR("Completely unable to proceed, no foos available"); + tidy_op_for_exit(); + ... +} + +@endcode +@note ODP does not trap segfaults, it may not be checking for NULL pointers etc to improve the execution speed. The application should trap segfaults. + +@section programming_exceptions Programming exceptions +There are two classes of programming error +-# Compile time, these can be caught by compile time assertions in the preprocessor +-# Run Time, these are run time assertions + +@section compile_time Compile time programming exceptions +These have the following rules +-# Zero overhead at run time, they never need to be turned off (undefined) +-# Use @#error which will break the build, or @#warning which may not break the build unless -Werror is defined. +-# Can be done for any static evaluation case. + +@subsection compile_time_examples Examples +Checking size and alignment of a struct with offsetof + +@code +typedef struct timer timer; +struct timer +{ + uint8_t MODE; + uint32_t DATA; + uint32_t COUNT; +}; + + +#if (offsetof(timer, DATA) != 4) +#error DATA must be at offset 4 in timer +#endif +@endcode + +@section compile_run_time Run time programming exceptions +There are two rules +-# These must be capable of being turned off by defining -DODP_NO_DEBUG +-# They must use ODP_ASSERT so that the output may be redirected on systems without stderr. +-# ODP_ASSERT will call abort() as its final operation. + +@note ODP_ASSERT is defined to make it easier to redirect output from stderr. For example +an in memory text buffer may be in use if stderr has no meaning on a bare metal implimentation + +@subsection compile_run_time_examples Examples +Checks that the API function arguments are within the permitted value range (e.g. handle validation + +@code +void odp_foo(char *pointer) +{ + ODP_ASSERT(pointer != NULL); + … +} +@endcode +*/