Make assertions actually useful

There are some places in passt/pasta which #include <assert.h> and make
various assertions.  If we hit these something has already gone wrong, but
they're there so that we a useful message instead of cryptic misbehaviour
if assumptions we thought were correct turn out not to be.

Except.. the glibc implementation of assert() uses syscalls that aren't in
our seccomp filter, so we'll get a SIGSYS before it actually prints the
message.  Work around this by adding our own ASSERT() implementation using
our existing err() function to log the message, and an abort().  The
abort() probably also won't work exactly right with seccomp, but once we've
printed the message, dying with a SIGSYS works just as well as dying with
a SIGABRT.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

1 files changed, 19 insertions, 1 deletions

diff --git a/util.h b/util.h
index 4a1c03e..6303c17 100644
--- a/util.h
+++ b/util.h
@@ -6,6 +6,11 @@
 #ifndef UTIL_H
 #define UTIL_H
 
+#include <stdlib.h>
+#include <stdarg.h>
+
+#include "log.h"
+
 #define VERSION_BLOB							       \
 	VERSION "\n"							       \
 	"Copyright Red Hat\n"						       \
@@ -47,6 +52,18 @@
 #define STRINGIFY(x)	#x
 #define STR(x)		STRINGIFY(x)
 
+#define ASSERT(expr)							\
+	do {								\
+		if (!(expr)) {						\
+			err("ASSERTION FAILED in %s (%s:%d): %s",	\
+			    __func__, __FILE__, __LINE__, STRINGIFY(expr)); \
+			/* This may actually SIGSYS, due to seccomp,	\
+			 * but that will still get the job done		\
+			 */						\
+			abort();					\
+		}							\
+	} while (0)
+
 #ifdef P_tmpdir
 #define TMPDIR		P_tmpdir
 #else
@@ -134,7 +151,8 @@ int do_clone(int (*fn)(void *), char *stack_area, size_t stack_size, int flags,
 
 #include <net/if.h>
 #include <limits.h>
-#include <stdarg.h>
+#include <stdint.h>
+#include <netinet/ip6.h>
 
 #include "packet.h"