Merge #17192: util: Add CHECK_NONFATAL and use it in src/rpc

faeb666536 util: Add CHECK_NONFATAL and use it in src/rpc (MarcoFalke) Pull request description: Fixes #17181 Currently, we use `assert` in RPC code to document logic and code assumptions. However, it seems a bit extreme to abort all of Bitcoin Core on an assert failure in one of the RPC threads. I suggest to replace all `assert`s with a macro `CHECK_NONFATAL(condition)` that throws a runtime error when the condition evaluates to `false`. That runtime error will then be returned to the rpc caller and will include instructions to report the error to our issue tracker. ACKs for top commit: practicalswift: ACK faeb666536 laanwj: ACK faeb666536 ryanofsky: Code review ACK faeb666536 Tree-SHA512: 9b748715a5e0767ac11f1324a95a3a6ec672a0e0658013492219223bda83ce4b1b447fd8183bbb235f7df5ef7dddda7666ad569544b4d61cc65f232ca7a800ec
2026-06-05 10:42:13 +02:00 · 2019-10-28 11:56:43 +01:00
parent be50469217 faeb666536
commit 9ae468a6d5
6 changed files with 63 additions and 10 deletions
--- a/src/util/check.h
+++ b/src/util/check.h
@@ -0,0 +1,41 @@
+// Copyright (c) 2019 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_UTIL_CHECK_H
+#define BITCOIN_UTIL_CHECK_H
+
+#include <tinyformat.h>
+
+#include <stdexcept>
+
+class NonFatalCheckError : public std::runtime_error
+{
+    using std::runtime_error::runtime_error;
+};
+
+/**
+ * Throw a NonFatalCheckError when the condition evaluates to false
+ *
+ * This should only be used
+ * - where the condition is assumed to be true, not for error handling or validating user input
+ * - where a failure to fulfill the condition is recoverable and does not abort the program
+ *
+ * For example in RPC code, where it is undersirable to crash the whole program, this can be generally used to replace
+ * asserts or recoverable logic errors. A NonFatalCheckError in RPC code is caught and passed as a string to the RPC
+ * caller, which can then report the issue to the developers.
+ */
+#define CHECK_NONFATAL(condition)                                 \
+    do {                                                          \
+        if (!(condition)) {                                       \
+            throw NonFatalCheckError(                             \
+                strprintf("%s:%d (%s)\n"                          \
+                          "Internal bug detected: '%s'\n"         \
+                          "You may report this issue here: %s\n", \
+                    __FILE__, __LINE__, __func__,                 \
+                    (#condition),                                 \
+                    PACKAGE_BUGREPORT));                          \
+        }                                                         \
+    } while (false)
+
+#endif // BITCOIN_UTIL_CHECK_H