nvme/utest: add SPDK_CU_ASSERT_FATAL wrapper

The normal CU_ASSERT_FATAL macro calls a function that is not marked as
noreturn, so static analyzers (e.g. scan-buid) can't figure out that
fatal asserts are really fatal.

Add a wrapper macro that calls abort(), which the analyzer can determine
does not return.

Change-Id: I0c087bf9c8d3c272bf88120caa70e87dab6d9546
Signed-off-by: Daniel Verkamp <daniel.verkamp@intel.com>

mk/nvme.unittest.mk

@@ -39,6 +39,7 @@ include $(SPDK_ROOT_DIR)/mk/spdk.common.mk
 C_SRCS = $(TEST_FILE) $(OTHER_FILES)
 
 CFLAGS += -I$(SPDK_ROOT_DIR)/lib -include $(SPDK_ROOT_DIR)/test/lib/nvme/unit/nvme_impl.h
+CFLAGS += -I$(SPDK_ROOT_DIR)/test
 
 LIBS += -lcunit -lpthread
 

test/lib/nvme/unit/nvme_c/nvme_ut.c

@@ -31,7 +31,7 @@
  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "CUnit/Basic.h"
+#include "spdk_cunit.h"
 
 #include "nvme/nvme.c"
 

test/lib/nvme/unit/nvme_ctrlr_c/nvme_ctrlr_ut.c

@@ -31,7 +31,7 @@
  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "CUnit/Basic.h"
+#include "spdk_cunit.h"
 
 #include "nvme/nvme_ctrlr.c"
 

test/lib/nvme/unit/nvme_ctrlr_cmd_c/nvme_ctrlr_cmd_ut.c

@@ -32,7 +32,7 @@
  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "CUnit/Basic.h"
+#include "spdk_cunit.h"
 
 #include "nvme/nvme_ctrlr_cmd.c"
 

test/lib/nvme/unit/nvme_ns_cmd_c/nvme_ns_cmd_ut.c

@@ -31,7 +31,7 @@
  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "CUnit/Basic.h"
+#include "spdk_cunit.h"
 
 #include "nvme/nvme_ns_cmd.c"
 
@@ -122,7 +122,7 @@ split_test(void)
 	rc = nvme_ns_cmd_read(&ns, payload, lba, lba_count, NULL, NULL);
 
 	CU_ASSERT(rc == 0);
-	CU_ASSERT_FATAL(g_request != NULL);
+	SPDK_CU_ASSERT_FATAL(g_request != NULL);
 
 	CU_ASSERT(g_request->num_children == 0);
 	nvme_cmd_interpret_rw(&g_request->cmd, &cmd_lba, &cmd_lba_count);
@@ -158,7 +158,7 @@ split_test2(void)
 	rc = nvme_ns_cmd_read(&ns, payload, lba, lba_count, NULL, NULL);
 
 	CU_ASSERT(rc == 0);
-	CU_ASSERT_FATAL(g_request != NULL);
+	SPDK_CU_ASSERT_FATAL(g_request != NULL);
 
 	CU_ASSERT(g_request->num_children == 2);
 
@@ -213,9 +213,9 @@ split_test3(void)
 	rc = nvme_ns_cmd_read(&ns, payload, lba, lba_count, NULL, NULL);
 
 	CU_ASSERT(rc == 0);
-	CU_ASSERT_FATAL(g_request != NULL);
+	SPDK_CU_ASSERT_FATAL(g_request != NULL);
 
-	CU_ASSERT_FATAL(g_request->num_children == 2);
+	SPDK_CU_ASSERT_FATAL(g_request->num_children == 2);
 
 	child = TAILQ_FIRST(&g_request->children);
 	TAILQ_REMOVE(&g_request->children, child, child_tailq);
@@ -270,9 +270,9 @@ split_test4(void)
 	rc = nvme_ns_cmd_read(&ns, payload, lba, lba_count, NULL, NULL);
 
 	CU_ASSERT(rc == 0);
-	CU_ASSERT_FATAL(g_request != NULL);
+	SPDK_CU_ASSERT_FATAL(g_request != NULL);
 
-	CU_ASSERT_FATAL(g_request->num_children == 3);
+	SPDK_CU_ASSERT_FATAL(g_request->num_children == 3);
 
 	child = TAILQ_FIRST(&g_request->children);
 	TAILQ_REMOVE(&g_request->children, child, child_tailq);

test/lib/nvme/unit/nvme_qpair_c/nvme_qpair_ut.c

@@ -31,7 +31,7 @@
  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "CUnit/Basic.h"
+#include "spdk_cunit.h"
 
 #include "nvme/nvme_qpair.c"
 
@@ -208,7 +208,7 @@ test3(void)
 	prepare_submit_request_test(&qpair, &ctrlr, &regs);
 
 	req = nvme_allocate_request(NULL, 0, expected_success_callback, NULL);
-	CU_ASSERT_FATAL(req != NULL);
+	SPDK_CU_ASSERT_FATAL(req != NULL);
 
 	CU_ASSERT(qpair.sq_tail == 0);
 
@@ -232,7 +232,7 @@ test4(void)
 	prepare_submit_request_test(&qpair, &ctrlr, &regs);
 
 	req = nvme_allocate_request(payload, sizeof(payload), expected_failure_callback, NULL);
-	CU_ASSERT_FATAL(req != NULL);
+	SPDK_CU_ASSERT_FATAL(req != NULL);
 
 	/* Force vtophys to return a failure.  This should
 	 *  result in the nvme_qpair manually failing
@@ -265,7 +265,7 @@ test_ctrlr_failed(void)
 	prepare_submit_request_test(&qpair, &ctrlr, &regs);
 
 	req = nvme_allocate_request(payload, sizeof(payload), expected_failure_callback, NULL);
-	CU_ASSERT_FATAL(req != NULL);
+	SPDK_CU_ASSERT_FATAL(req != NULL);
 
 	/* Disable the queue and set the controller to failed.
 	 * Set the controller to resetting so that the qpair won't get re-enabled.
@@ -310,14 +310,14 @@ static void test_nvme_qpair_fail(void)
 	tr_temp = nvme_malloc("nvme_tracker", sizeof(struct nvme_tracker),
 			      64, &phys_addr);
 	tr_temp->req = nvme_allocate_request(NULL, 0, expected_failure_callback, NULL);
-	CU_ASSERT_FATAL(tr_temp->req != NULL);
+	SPDK_CU_ASSERT_FATAL(tr_temp->req != NULL);
 
 	LIST_INSERT_HEAD(&qpair.outstanding_tr, tr_temp, list);
 	nvme_qpair_fail(&qpair);
 	CU_ASSERT_TRUE(LIST_EMPTY(&qpair.outstanding_tr));
 
 	req = nvme_allocate_request(NULL, 0, expected_failure_callback, NULL);
-	CU_ASSERT_FATAL(req != NULL);
+	SPDK_CU_ASSERT_FATAL(req != NULL);
 
 	STAILQ_INSERT_HEAD(&qpair.queued_req, req, stailq);
 	nvme_qpair_fail(&qpair);
@@ -392,7 +392,7 @@ static void test_nvme_qpair_destroy(void)
 	tr_temp = nvme_malloc("nvme_tracker", sizeof(struct nvme_tracker),
 			      64, &phys_addr);
 	tr_temp->req = nvme_allocate_request(NULL, 0, expected_failure_callback, NULL);
-	CU_ASSERT_FATAL(tr_temp->req != NULL);
+	SPDK_CU_ASSERT_FATAL(tr_temp->req != NULL);
 
 	tr_temp->req->cmd.opc = NVME_OPC_ASYNC_EVENT_REQUEST;
 	LIST_INSERT_HEAD(&qpair.outstanding_tr, tr_temp, list);

test/spdk_cunit.h

@@ -0,0 +1,48 @@
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright(c) 2016 Intel Corporation. All rights reserved.
+ *   All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in
+ *       the documentation and/or other materials provided with the
+ *       distribution.
+ *     * Neither the name of Intel Corporation nor the names of its
+ *       contributors may be used to endorse or promote products derived
+ *       from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef SPDK_CUNIT_H
+#define SPDK_CUNIT_H
+
+#include <stdlib.h>
+#include <CUnit/Basic.h>
+
+/*
+ * CU_ASSERT_FATAL calls a function that does a longjmp() internally, but only for fatal asserts,
+ * so the function itself is not marked as noreturn.  Add an abort() after the assert to help
+ * static analyzers figure out that it really doesn't return.
+ * The abort() will never actually execute.
+ */
+#define SPDK_CU_ASSERT_FATAL(cond) do { CU_ASSERT_FATAL(cond); if (!(cond)) { abort(); } } while (0)
+
+#endif /* SPDK_CUNIT_H */