From bc872d91765dfd6ff34b0e9a34bce410fac1cef3 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Thu, 19 Mar 2026 17:11:43 +1100 Subject: treewide: Spell ASSERT() as assert() The standard library assert(3), at least with glibc, hits our seccomp filter and dies with SIGSYS before it's able to print a message, making it near useless. Therefore, since 7a8ed9459dfe ("Make assertions actually useful") we've instead used our own implementation, named ASSERT(). This makes our code look slightly odd though - ASSERT() has the same overall effect as assert(), it's just a different implementation. More importantly this makes it awkward to share code between passt/pasta proper and things that compile in a more typical environment. We're going to want that for our upcoming dynamic configuration tool. Address this by overriding the standard library's assert() implementation with our own, instead of giving ours its own name. The standard assert() is supposed to be omitted if NDEBUG is defined, which ours doesn't do. Implement that as well, so ours doesn't unexpectedly differ. For the -DNDEBUG case we do this by *not* overriding assert(), since it will be a no-op anyway. This requires a few places to add a #include to let us compile (albeit with warnings) when -DNDEBUG. Signed-off-by: David Gibson [sbrivio: Fix some conflicts and missing conversions as a result of applying "vu_common: Move iovec management into vu_collect()" first] Signed-off-by: Stefano Brivio --- Makefile | 2 +- conf.c | 6 ++--- flow.c | 80 ++++++++++++++++++++++++++++++------------------------------ flow_table.h | 2 +- fwd.c | 14 +++++------ icmp.c | 14 +++++------ inany.h | 4 +-- iov.c | 3 ++- isolation.c | 2 +- lineread.c | 5 ++-- netlink.c | 2 +- packet.c | 4 +-- passt.c | 2 +- pif.c | 4 +-- tap.c | 6 ++--- tcp.c | 24 +++++++++--------- tcp_splice.c | 10 ++++---- tcp_vu.c | 12 ++++----- udp.c | 22 ++++++++--------- udp_flow.c | 4 +-- udp_vu.c | 6 ++--- util.c | 6 ++--- util.h | 15 +++++++++--- vhost_user.c | 8 +++--- virtio.c | 5 ++-- vu_common.c | 4 +-- 26 files changed, 139 insertions(+), 127 deletions(-) diff --git a/Makefile b/Makefile index fe016f3..513dc6c 100644 --- a/Makefile +++ b/Makefile @@ -188,5 +188,5 @@ cppcheck: $(PASST_SRCS) $(HEADERS) --inline-suppr \ --suppress=missingIncludeSystem \ --suppress=unusedStructMember \ - $(filter -D%,$(FLAGS) $(CFLAGS) $(CPPFLAGS)) -D CPPCHECK_6936 \ + $(filter -D%,$(FLAGS) $(CFLAGS) $(CPPFLAGS)) -D CPPCHECK_6936 \ $^ diff --git a/conf.c b/conf.c index dafac46..940fb9e 100644 --- a/conf.c +++ b/conf.c @@ -161,7 +161,7 @@ static void conf_ports_range_except(const struct ctx *c, char optname, else if (optname == 'u' || optname == 'U') proto = IPPROTO_UDP; else - ASSERT(0); + assert(0); if (addr) { if (!c->ifi4 && inany_v4(addr)) { @@ -186,7 +186,7 @@ static void conf_ports_range_except(const struct ctx *c, char optname, /* FIXME: Once the fwd bitmaps are removed, move this * workaround to the caller */ - ASSERT(!addr && ifname && !strcmp(ifname, "lo")); + assert(!addr && ifname && !strcmp(ifname, "lo")); warn( "SO_BINDTODEVICE unavailable, forwarding only 127.0.0.1 and ::1 for '-%c %s'", optname, optarg); @@ -1743,7 +1743,7 @@ void conf(struct ctx *c, int argc, char **argv) die("Invalid host nameserver address: %s", optarg); case 25: /* Already handled in conf_mode() */ - ASSERT(c->mode == MODE_VU); + assert(c->mode == MODE_VU); break; case 26: vu_print_capabilities(); diff --git a/flow.c b/flow.c index 735d3c5..4282da2 100644 --- a/flow.c +++ b/flow.c @@ -216,7 +216,7 @@ int flowside_sock_l4(const struct ctx *c, enum epoll_type type, uint8_t pif, const char *ifname = NULL; union sockaddr_inany sa; - ASSERT(pif_is_socket(pif)); + assert(pif_is_socket(pif)); pif_sockaddr(c, &sa, pif, &tgt->oaddr, tgt->oport); @@ -244,7 +244,7 @@ int flowside_sock_l4(const struct ctx *c, enum epoll_type type, uint8_t pif, /* If we add new socket pifs, they'll need to be implemented * here */ - ASSERT(0); + assert(0); } } @@ -341,8 +341,8 @@ static void flow_set_state(struct flow_common *f, enum flow_state state) { uint8_t oldstate = f->state; - ASSERT(state < FLOW_NUM_STATES); - ASSERT(oldstate < FLOW_NUM_STATES); + assert(state < FLOW_NUM_STATES); + assert(oldstate < FLOW_NUM_STATES); f->state = state; flow_log_(f, true, LOG_DEBUG, "%s -> %s", flow_state_str[oldstate], @@ -369,7 +369,7 @@ int flow_epollfd(const struct flow_common *f) */ void flow_epollid_set(struct flow_common *f, int epollid) { - ASSERT(epollid < EPOLLFD_ID_SIZE); + assert(epollid < EPOLLFD_ID_SIZE); f->epollid = epollid; } @@ -407,7 +407,7 @@ int flow_epoll_set(const struct flow_common *f, int command, uint32_t events, */ void flow_epollid_register(int epollid, int epollfd) { - ASSERT(epollid < EPOLLFD_ID_SIZE); + assert(epollid < EPOLLFD_ID_SIZE); epoll_id_to_fd[epollid] = epollfd; } @@ -421,10 +421,10 @@ static void flow_initiate_(union flow *flow, uint8_t pif) { struct flow_common *f = &flow->f; - ASSERT(pif != PIF_NONE); - ASSERT(flow_new_entry == flow && f->state == FLOW_STATE_NEW); - ASSERT(f->type == FLOW_TYPE_NONE); - ASSERT(f->pif[INISIDE] == PIF_NONE && f->pif[TGTSIDE] == PIF_NONE); + assert(pif != PIF_NONE); + assert(flow_new_entry == flow && f->state == FLOW_STATE_NEW); + assert(f->type == FLOW_TYPE_NONE); + assert(f->pif[INISIDE] == PIF_NONE && f->pif[TGTSIDE] == PIF_NONE); f->pif[INISIDE] = pif; flow_set_state(f, FLOW_STATE_INI); @@ -474,7 +474,7 @@ struct flowside *flow_initiate_sa(union flow *flow, uint8_t pif, if (inany_from_sockaddr(&ini->eaddr, &ini->eport, ssa) < 0) { char str[SOCKADDR_STRLEN]; - ASSERT_WITH_MSG(0, "Bad socket address %s", + assert_with_msg(0, "Bad socket address %s", sockaddr_ntop(ssa, str, sizeof(str))); } if (daddr) @@ -508,10 +508,10 @@ struct flowside *flow_target(const struct ctx *c, union flow *flow, const struct fwd_table *fwd; uint8_t tgtpif = PIF_NONE; - ASSERT(flow_new_entry == flow && f->state == FLOW_STATE_INI); - ASSERT(f->type == FLOW_TYPE_NONE); - ASSERT(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] == PIF_NONE); - ASSERT(flow->f.state == FLOW_STATE_INI); + assert(flow_new_entry == flow && f->state == FLOW_STATE_INI); + assert(f->type == FLOW_TYPE_NONE); + assert(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] == PIF_NONE); + assert(flow->f.state == FLOW_STATE_INI); switch (f->pif[INISIDE]) { case PIF_TAP: @@ -574,10 +574,10 @@ union flow *flow_set_type(union flow *flow, enum flow_type type) { struct flow_common *f = &flow->f; - ASSERT(type != FLOW_TYPE_NONE); - ASSERT(flow_new_entry == flow && f->state == FLOW_STATE_TGT); - ASSERT(f->type == FLOW_TYPE_NONE); - ASSERT(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE); + assert(type != FLOW_TYPE_NONE); + assert(flow_new_entry == flow && f->state == FLOW_STATE_TGT); + assert(f->type == FLOW_TYPE_NONE); + assert(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE); f->type = type; flow_set_state(f, FLOW_STATE_TYPED); @@ -590,8 +590,8 @@ union flow *flow_set_type(union flow *flow, enum flow_type type) */ void flow_activate(struct flow_common *f) { - ASSERT(&flow_new_entry->f == f && f->state == FLOW_STATE_TYPED); - ASSERT(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE); + assert(&flow_new_entry->f == f && f->state == FLOW_STATE_TYPED); + assert(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE); flow_set_state(f, FLOW_STATE_ACTIVE); flow_new_entry = NULL; @@ -606,26 +606,26 @@ union flow *flow_alloc(void) { union flow *flow = &flowtab[flow_first_free]; - ASSERT(!flow_new_entry); + assert(!flow_new_entry); if (flow_first_free >= FLOW_MAX) return NULL; - ASSERT(flow->f.state == FLOW_STATE_FREE); - ASSERT(flow->f.type == FLOW_TYPE_NONE); - ASSERT(flow->free.n >= 1); - ASSERT(flow_first_free + flow->free.n <= FLOW_MAX); + assert(flow->f.state == FLOW_STATE_FREE); + assert(flow->f.type == FLOW_TYPE_NONE); + assert(flow->free.n >= 1); + assert(flow_first_free + flow->free.n <= FLOW_MAX); if (flow->free.n > 1) { union flow *next; /* Use one entry from the cluster */ - ASSERT(flow_first_free <= FLOW_MAX - 2); + assert(flow_first_free <= FLOW_MAX - 2); next = &flowtab[++flow_first_free]; - ASSERT(FLOW_IDX(next) < FLOW_MAX); - ASSERT(next->f.type == FLOW_TYPE_NONE); - ASSERT(next->free.n == 0); + assert(FLOW_IDX(next) < FLOW_MAX); + assert(next->f.type == FLOW_TYPE_NONE); + assert(next->free.n == 0); next->free.n = flow->free.n - 1; next->free.next = flow->free.next; @@ -649,12 +649,12 @@ union flow *flow_alloc(void) */ void flow_alloc_cancel(union flow *flow) { - ASSERT(flow_new_entry == flow); - ASSERT(flow->f.state == FLOW_STATE_NEW || + assert(flow_new_entry == flow); + assert(flow->f.state == FLOW_STATE_NEW || flow->f.state == FLOW_STATE_INI || flow->f.state == FLOW_STATE_TGT || flow->f.state == FLOW_STATE_TYPED); - ASSERT(flow_first_free > FLOW_IDX(flow)); + assert(flow_first_free > FLOW_IDX(flow)); flow_set_state(&flow->f, FLOW_STATE_FREE); memset(flow, 0, sizeof(*flow)); @@ -704,7 +704,7 @@ static uint64_t flow_sidx_hash(const struct ctx *c, flow_sidx_t sidx) const struct flowside *side = &f->side[sidx.sidei]; uint8_t pif = f->pif[sidx.sidei]; - ASSERT(pif != PIF_NONE); + assert(pif != PIF_NONE); return flow_hash(c, FLOW_PROTO(f), pif, side); } @@ -897,7 +897,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now) flow_timer_run = *now; } - ASSERT(!flow_new_entry); /* Incomplete flow at end of cycle */ + assert(!flow_new_entry); /* Incomplete flow at end of cycle */ /* Check which flows we might need to close first, but don't free them * yet as it's not safe to do that in the middle of flow_foreach(). @@ -907,7 +907,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now) switch (flow->f.type) { case FLOW_TYPE_NONE: - ASSERT(false); + assert(false); break; case FLOW_TCP: closed = tcp_flow_defer(&flow->tcp); @@ -942,7 +942,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now) unsigned skip = flow->free.n; /* First entry of a free cluster must have n >= 1 */ - ASSERT(skip); + assert(skip); if (free_head) { /* Merge into preceding free cluster */ @@ -965,7 +965,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now) case FLOW_STATE_TGT: case FLOW_STATE_TYPED: /* Incomplete flow at end of cycle */ - ASSERT(false); + assert(false); break; case FLOW_STATE_ACTIVE: @@ -975,7 +975,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now) if (free_head) { /* Add slot to current free cluster */ - ASSERT(FLOW_IDX(flow) == + assert(FLOW_IDX(flow) == FLOW_IDX(free_head) + free_head->n); free_head->n++; flow->free.n = flow->free.next = 0; @@ -992,7 +992,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now) break; default: - ASSERT(false); + assert(false); } } diff --git a/flow_table.h b/flow_table.h index 8fb7b5c..7694e72 100644 --- a/flow_table.h +++ b/flow_table.h @@ -176,7 +176,7 @@ static inline flow_sidx_t flow_sidx(const struct flow_common *f, unsigned sidei) { /* cppcheck-suppress [knownConditionTrueFalse, unmatchedSuppression] */ - ASSERT(sidei == !!sidei); + assert(sidei == !!sidei); return (flow_sidx_t){ .sidei = sidei, diff --git a/fwd.c b/fwd.c index bedbf98..f3b4bf2 100644 --- a/fwd.c +++ b/fwd.c @@ -352,7 +352,7 @@ void fwd_rule_add(struct fwd_table *fwd, uint8_t proto, uint8_t flags, struct fwd_rule *new; unsigned i, port; - ASSERT(!(flags & ~allowed_flags)); + assert(!(flags & ~allowed_flags)); if (fwd->count >= ARRAY_SIZE(fwd->rules)) die("Too many port forwarding ranges"); @@ -402,7 +402,7 @@ void fwd_rule_add(struct fwd_table *fwd, uint8_t proto, uint8_t flags, die("Invalid interface name: %s", ifname); } - ASSERT(first <= last); + assert(first <= last); new->first = first; new->last = last; @@ -450,7 +450,7 @@ const struct fwd_rule *fwd_rule_search(const struct fwd_table *fwd, char ostr[INANY_ADDRSTRLEN], rstr[INANY_ADDRSTRLEN]; const struct fwd_rule *rule = &fwd->rules[hint]; - ASSERT((unsigned)hint < fwd->count); + assert((unsigned)hint < fwd->count); if (fwd_rule_match(rule, ini, proto)) return rule; @@ -521,14 +521,14 @@ static int fwd_sync_one(const struct ctx *c, const struct fwd_table *fwd, bool bound_one = false; unsigned port, idx; - ASSERT(pif_is_socket(pif)); + assert(pif_is_socket(pif)); if (!*ifname) ifname = NULL; idx = rule - fwd->rules; - ASSERT(idx < MAX_FWD_RULES); - ASSERT(!(rule->flags & FWD_SCAN && !scanmap)); + assert(idx < MAX_FWD_RULES); + assert(!(rule->flags & FWD_SCAN && !scanmap)); for (port = rule->first; port <= rule->last; port++) { int fd = rule->socks[port - rule->first]; @@ -554,7 +554,7 @@ static int fwd_sync_one(const struct ctx *c, const struct fwd_table *fwd, else if (rule->proto == IPPROTO_UDP) fd = udp_listen(c, pif, idx, addr, ifname, port); else - ASSERT(0); + assert(0); if (fd < 0) { char astr[INANY_ADDRSTRLEN]; diff --git a/icmp.c b/icmp.c index 0b0f593..18b6106 100644 --- a/icmp.c +++ b/icmp.c @@ -58,7 +58,7 @@ static struct icmp_ping_flow *ping_at_sidx(flow_sidx_t sidx) if (!flow) return NULL; - ASSERT(flow->f.type == FLOW_PING4 || flow->f.type == FLOW_PING6); + assert(flow->f.type == FLOW_PING4 || flow->f.type == FLOW_PING6); return &flow->ping; } @@ -80,7 +80,7 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref) if (c->no_icmp) return; - ASSERT(pingf); + assert(pingf); n = recvfrom(ref.fd, buf, sizeof(buf), 0, &sr.sa, &sl); if (n < 0) { @@ -109,7 +109,7 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref) ih6->icmp6_identifier = htons(ini->eport); seq = ntohs(ih6->icmp6_sequence); } else { - ASSERT(0); + assert(0); } /* In PASTA mode, we'll get any reply we send, discard them. */ @@ -131,7 +131,7 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref) const struct in_addr *saddr = inany_v4(&ini->oaddr); const struct in_addr *daddr = inany_v4(&ini->eaddr); - ASSERT(saddr && daddr); /* Must have IPv4 addresses */ + assert(saddr && daddr); /* Must have IPv4 addresses */ tap_icmp4_send(c, *saddr, *daddr, buf, pingf->f.tap_omac, n); } else if (pingf->f.type == FLOW_PING6) { const struct in6_addr *saddr = &ini->oaddr.a6; @@ -256,7 +256,7 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af, int cnt; (void)saddr; - ASSERT(pif == PIF_TAP); + assert(pif == PIF_TAP); if (af == AF_INET) { struct icmphdr ih_storage; @@ -287,7 +287,7 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af, id = ntohs(ih->icmp6_identifier); seq = ntohs(ih->icmp6_sequence); } else { - ASSERT(0); + assert(0); } cnt = iov_tail_clone(&iov[0], MAX_IOV_ICMP, data); @@ -304,7 +304,7 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af, tgt = &pingf->f.side[TGTSIDE]; - ASSERT(flow_proto[pingf->f.type] == proto); + assert(flow_proto[pingf->f.type] == proto); pingf->ts = now->tv_sec; pif_sockaddr(c, &sa, PIF_HOST, &tgt->eaddr, 0); diff --git a/inany.h b/inany.h index 9891ed6..30e2416 100644 --- a/inany.h +++ b/inany.h @@ -86,7 +86,7 @@ static inline socklen_t socklen_inany(const union sockaddr_inany *sa) case AF_INET6: return sizeof(sa->sa6); default: - ASSERT(0); + assert(0); } } @@ -268,7 +268,7 @@ static inline void inany_from_af(union inany_addr *aa, aa->v4mapped.a4 = *((struct in_addr *)addr); } else { /* Not valid to call with other address families */ - ASSERT(0); + assert(0); } } diff --git a/iov.c b/iov.c index 31a3f5b..ae07439 100644 --- a/iov.c +++ b/iov.c @@ -21,6 +21,7 @@ * GNU GPL, version 2 or (at your option) any later version. */ +#include #include #include "util.h" @@ -118,7 +119,7 @@ size_t iov_to_buf(const struct iovec *iov, size_t iov_cnt, for (copied = 0; copied < bytes && i < iov_cnt; i++) { size_t len = MIN(iov[i].iov_len - offset, bytes - copied); - ASSERT(iov[i].iov_base); + assert(iov[i].iov_base); memcpy((char *)buf + copied, (char *)iov[i].iov_base + offset, len); diff --git a/isolation.c b/isolation.c index b25f349..7e6225d 100644 --- a/isolation.c +++ b/isolation.c @@ -396,7 +396,7 @@ void isolate_postfork(const struct ctx *c) prog.filter = filter_vu; break; default: - ASSERT(0); + assert(0); } if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || diff --git a/lineread.c b/lineread.c index 4225de6..b9ceae1 100644 --- a/lineread.c +++ b/lineread.c @@ -12,6 +12,7 @@ * Author: David Gibson */ +#include #include #include #include @@ -44,8 +45,8 @@ static ssize_t peek_line(struct lineread *lr, bool eof) char *nl; /* Sanity checks (which also document invariants) */ - ASSERT(lr->next_line + lr->count >= lr->next_line); - ASSERT(lr->next_line + lr->count <= LINEREAD_BUFFER_SIZE); + assert(lr->next_line + lr->count >= lr->next_line); + assert(lr->next_line + lr->count <= LINEREAD_BUFFER_SIZE); nl = memchr(lr->buf + lr->next_line, '\n', lr->count); diff --git a/netlink.c b/netlink.c index e07b47f..6b74e88 100644 --- a/netlink.c +++ b/netlink.c @@ -160,7 +160,7 @@ static uint32_t nl_send(int s, void *req, uint16_t type, */ static int nl_status(const struct nlmsghdr *nh, ssize_t n, uint32_t seq) { - ASSERT(NLMSG_OK(nh, n)); + assert(NLMSG_OK(nh, n)); if (nh->nlmsg_seq != seq) die("netlink: Unexpected sequence number (%u != %u)", diff --git a/packet.c b/packet.c index 890561b..1cb74b7 100644 --- a/packet.c +++ b/packet.c @@ -168,7 +168,7 @@ bool packet_get_do(const struct pool *p, size_t idx, { size_t i; - ASSERT_WITH_MSG(p->count <= p->size, + assert_with_msg(p->count <= p->size, "Corrupted pool count: %zu, size: %zu, %s:%i", p->count, p->size, func, line); @@ -188,7 +188,7 @@ bool packet_get_do(const struct pool *p, size_t idx, data->off = 0; for (i = 0; i < data->cnt; i++) { - ASSERT_WITH_MSG(!packet_check_range(p, data->iov[i].iov_base, + assert_with_msg(!packet_check_range(p, data->iov[i].iov_base, data->iov[i].iov_len, func, line), "Corrupt packet pool, %s:%i", func, line); diff --git a/passt.c b/passt.c index fc3b89b..f84419c 100644 --- a/passt.c +++ b/passt.c @@ -305,7 +305,7 @@ static void passt_worker(void *opaque, int nfds, struct epoll_event *events) break; default: /* Can't happen */ - ASSERT(0); + assert(0); } stats.events[ref.type]++; print_stats(c, &stats, &now); diff --git a/pif.c b/pif.c index 82a3b5e..1e80724 100644 --- a/pif.c +++ b/pif.c @@ -39,7 +39,7 @@ void pif_sockaddr(const struct ctx *c, union sockaddr_inany *sa, { const struct in_addr *v4 = inany_v4(addr); - ASSERT(pif_is_socket(pif)); + assert(pif_is_socket(pif)); if (v4) { sa->sa_family = AF_INET; @@ -83,7 +83,7 @@ int pif_listen(const struct ctx *c, enum epoll_type type, uint8_t pif, union epoll_ref ref; int ret; - ASSERT(pif_is_socket(pif)); + assert(pif_is_socket(pif)); if (!addr) { ref.fd = sock_l4_dualstack_any(c, type, port, ifname); diff --git a/tap.c b/tap.c index eaa6111..1049e02 100644 --- a/tap.c +++ b/tap.c @@ -117,7 +117,7 @@ unsigned long tap_l2_max_len(const struct ctx *c) return L2_MAX_LEN_VU; } /* NOLINTEND(bugprone-branch-clone) */ - ASSERT(0); + assert(0); return 0; /* Unreachable, for cppcheck's sake */ } @@ -543,7 +543,7 @@ size_t tap_send_frames(const struct ctx *c, const struct iovec *iov, case MODE_VU: /* fall through */ default: - ASSERT(0); + assert(0); } if (m < nframes) @@ -1536,7 +1536,7 @@ void tap_backend_init(struct ctx *c) } if (c->fd_tap != -1) { /* Passed as --fd */ - ASSERT(c->one_off); + assert(c->one_off); tap_start_connection(c); return; } diff --git a/tcp.c b/tcp.c index 9d91c3c..b145862 100644 --- a/tcp.c +++ b/tcp.c @@ -461,7 +461,7 @@ static struct tcp_tap_conn *conn_at_sidx(flow_sidx_t sidx) if (!flow) return NULL; - ASSERT(flow->f.type == FLOW_TCP); + assert(flow->f.type == FLOW_TCP); return &flow->tcp; } @@ -966,7 +966,7 @@ size_t tcp_fill_headers(const struct ctx *c, struct tcp_tap_conn *conn, const struct in_addr *src4 = inany_v4(&tapside->oaddr); const struct in_addr *dst4 = inany_v4(&tapside->eaddr); - ASSERT(src4 && dst4); + assert(src4 && dst4); l3len += + sizeof(*ip4h); @@ -1879,7 +1879,7 @@ static int tcp_data_from_tap(const struct ctx *c, struct tcp_tap_conn *conn, if (conn->events == CLOSED) return p->count - idx; - ASSERT(conn->events & ESTABLISHED); + assert(conn->events & ESTABLISHED); for (i = idx, iov_i = 0; i < (int)p->count; i++) { uint32_t seq, seq_offset, ack_seq; @@ -2260,8 +2260,8 @@ int tcp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af, return 1; } - ASSERT(flow->f.type == FLOW_TCP); - ASSERT(pif_at_sidx(sidx) == PIF_TAP); + assert(flow->f.type == FLOW_TCP); + assert(pif_at_sidx(sidx) == PIF_TAP); conn = &flow->tcp; flow_trace(conn, "packet length %zu from tap", l4len); @@ -2500,7 +2500,7 @@ void tcp_listen_handler(const struct ctx *c, union epoll_ref ref, union flow *flow; int s; - ASSERT(!c->no_tcp); + assert(!c->no_tcp); if (!(flow = flow_alloc())) return; @@ -2570,8 +2570,8 @@ void tcp_timer_handler(const struct ctx *c, union epoll_ref ref) struct itimerspec check_armed = { { 0 }, { 0 } }; struct tcp_tap_conn *conn = &FLOW(ref.flow)->tcp; - ASSERT(!c->no_tcp); - ASSERT(conn->f.type == FLOW_TCP); + assert(!c->no_tcp); + assert(conn->f.type == FLOW_TCP); /* We don't reset timers on ~ACK_FROM_TAP_DUE, ~ACK_TO_TAP_DUE. If the * timer is currently armed, this event came from a previous setting, @@ -2632,8 +2632,8 @@ void tcp_sock_handler(const struct ctx *c, union epoll_ref ref, { struct tcp_tap_conn *conn = conn_at_sidx(ref.flowside); - ASSERT(!c->no_tcp); - ASSERT(pif_at_sidx(ref.flowside) != PIF_TAP); + assert(!c->no_tcp); + assert(pif_at_sidx(ref.flowside) != PIF_TAP); if (conn->events == CLOSED) return; @@ -2701,7 +2701,7 @@ int tcp_listen(const struct ctx *c, uint8_t pif, unsigned rule, { int s; - ASSERT(!c->no_tcp); + assert(!c->no_tcp); if (!c->ifi4) { if (!addr) @@ -2853,7 +2853,7 @@ static void tcp_get_rto_params(struct ctx *c) */ int tcp_init(struct ctx *c) { - ASSERT(!c->no_tcp); + assert(!c->no_tcp); tcp_get_rto_params(c); diff --git a/tcp_splice.c b/tcp_splice.c index d60981c..42ee8ab 100644 --- a/tcp_splice.c +++ b/tcp_splice.c @@ -105,7 +105,7 @@ static struct tcp_splice_conn *conn_at_sidx(flow_sidx_t sidx) if (!flow) return NULL; - ASSERT(flow->f.type == FLOW_TCP_SPLICE); + assert(flow->f.type == FLOW_TCP_SPLICE); return &flow->tcp_splice; } @@ -369,7 +369,7 @@ static int tcp_splice_connect(const struct ctx *c, struct tcp_splice_conn *conn) else if (tgtpif == PIF_SPLICE) conn->s[1] = tcp_conn_sock_ns(c, af); else - ASSERT(0); + assert(0); if (conn->s[1] < 0) return -1; @@ -457,7 +457,7 @@ void tcp_splice_conn_from_sock(const struct ctx *c, union flow *flow, int s0) struct tcp_splice_conn *conn = FLOW_SET_TYPE(flow, FLOW_TCP_SPLICE, tcp_splice); - ASSERT(c->mode == MODE_PASTA); + assert(c->mode == MODE_PASTA); conn->s[0] = s0; conn->s[1] = -1; @@ -489,7 +489,7 @@ void tcp_splice_sock_handler(struct ctx *c, union epoll_ref ref, uint8_t lowat_set_flag, lowat_act_flag; int eof, never_read; - ASSERT(conn->f.type == FLOW_TCP_SPLICE); + assert(conn->f.type == FLOW_TCP_SPLICE); if (conn->events == SPLICE_CLOSED) return; @@ -779,7 +779,7 @@ void tcp_splice_timer(struct tcp_splice_conn *conn) { unsigned sidei; - ASSERT(!(conn->flags & CLOSING)); + assert(!(conn->flags & CLOSING)); flow_foreach_sidei(sidei) { if ((conn->flags & RCVLOWAT_SET(sidei)) && diff --git a/tcp_vu.c b/tcp_vu.c index 5de9eec..dc0e17c 100644 --- a/tcp_vu.c +++ b/tcp_vu.c @@ -93,8 +93,8 @@ int tcp_vu_send_flag(const struct ctx *c, struct tcp_tap_conn *conn, int flags) if (elem_cnt != 1) return -1; - ASSERT(flags_elem[0].in_num == 1); - ASSERT(flags_elem[0].in_sg[0].iov_len >= + assert(flags_elem[0].in_num == 1); + assert(flags_elem[0].in_sg[0].iov_len >= MAX(hdrlen + sizeof(*opts), ETH_ZLEN + VNET_HLEN)); vu_set_vnethdr(flags_elem[0].in_sg[0].iov_base, 1); @@ -217,14 +217,14 @@ static ssize_t tcp_vu_sock_recv(const struct ctx *c, struct vu_virtq *vq, &frame_size); if (cnt == 0) break; - ASSERT((size_t)cnt == in_total); /* one iovec per element */ + assert((size_t)cnt == in_total); /* one iovec per element */ iov_used += in_total; dlen = frame_size - hdrlen; /* reserve space for headers in iov */ iov = &elem[elem_cnt].in_sg[0]; - ASSERT(iov->iov_len >= hdrlen); + assert(iov->iov_len >= hdrlen); iov->iov_base = (char *)iov->iov_base + hdrlen; iov->iov_len -= hdrlen; head[(*head_cnt)++] = elem_cnt; @@ -301,7 +301,7 @@ static void tcp_vu_prepare(const struct ctx *c, struct tcp_tap_conn *conn, /* we guess the first iovec provided by the guest can embed * all the headers needed by L2 frame, including any padding */ - ASSERT(iov[0].iov_len >= hdrlen); + assert(iov[0].iov_len >= hdrlen); eh = vu_eth(base); @@ -448,7 +448,7 @@ int tcp_vu_data_from_sock(const struct ctx *c, struct tcp_tap_conn *conn) ssize_t dlen; size_t l2len; - ASSERT(frame_size >= hdrlen); + assert(frame_size >= hdrlen); dlen = frame_size - hdrlen; vu_set_vnethdr(iov->iov_base, buf_cnt); diff --git a/udp.c b/udp.c index 2275c16..1fc5a42 100644 --- a/udp.c +++ b/udp.c @@ -271,7 +271,7 @@ size_t udp_update_hdr4(struct iphdr *ip4h, struct udp_payload_t *bp, size_t l4len = dlen + sizeof(bp->uh); size_t l3len = l4len + sizeof(*ip4h); - ASSERT(src && dst); + assert(src && dst); ip4h->tot_len = htons(l3len); ip4h->daddr = dst->s_addr; @@ -431,7 +431,7 @@ static void udp_send_tap_icmp4(const struct ctx *c, size_t msglen = sizeof(msg) - sizeof(msg.data) + dlen; size_t l4len = dlen + sizeof(struct udphdr); - ASSERT(dlen <= ICMP4_MAX_DLEN); + assert(dlen <= ICMP4_MAX_DLEN); memset(&msg, 0, sizeof(msg)); msg.icmp4h.type = ee->ee_type; msg.icmp4h.code = ee->ee_code; @@ -480,7 +480,7 @@ static void udp_send_tap_icmp6(const struct ctx *c, size_t msglen = sizeof(msg) - sizeof(msg.data) + dlen; size_t l4len = dlen + sizeof(struct udphdr); - ASSERT(dlen <= ICMP6_MAX_DLEN); + assert(dlen <= ICMP6_MAX_DLEN); memset(&msg, 0, sizeof(msg)); msg.icmp6h.icmp6_type = ee->ee_type; msg.icmp6h.icmp6_code = ee->ee_code; @@ -628,7 +628,7 @@ static int udp_sock_recverr(const struct ctx *c, int s, flow_sidx_t sidx, } uflow = udp_at_sidx(sidx); - ASSERT(uflow); + assert(uflow); fromside = &uflow->f.side[sidx.sidei]; toside = &uflow->f.side[!sidx.sidei]; topif = uflow->f.pif[!sidx.sidei]; @@ -692,7 +692,7 @@ static int udp_sock_errs(const struct ctx *c, int s, flow_sidx_t sidx, socklen_t errlen; int rc, err; - ASSERT(!c->no_udp); + assert(!c->no_udp); /* Empty the error queue */ while ((rc = udp_sock_recverr(c, s, sidx, pif, port)) > 0) @@ -772,7 +772,7 @@ static int udp_peek_addr(int s, union sockaddr_inany *src, */ static int udp_sock_recv(const struct ctx *c, int s, struct mmsghdr *mmh, int n) { - ASSERT(!c->no_udp); + assert(!c->no_udp); n = recvmmsg(s, mmh, n, 0, NULL); if (n < 0) { @@ -940,7 +940,7 @@ void udp_sock_handler(const struct ctx *c, union epoll_ref ref, { struct udp_flow *uflow = udp_at_sidx(ref.flowside); - ASSERT(!c->no_udp && uflow); + assert(!c->no_udp && uflow); if (events & EPOLLERR) { if (udp_sock_errs(c, ref.fd, ref.flowside, PIF_NONE, 0) < 0) { @@ -1023,7 +1023,7 @@ int udp_tap_handler(const struct ctx *c, uint8_t pif, in_port_t src, dst; uint8_t topif; - ASSERT(!c->no_udp); + assert(!c->no_udp); if (!packet_get(p, idx, &data)) return 1; @@ -1061,7 +1061,7 @@ int udp_tap_handler(const struct ctx *c, uint8_t pif, toside = flowside_at_sidx(tosidx); s = uflow->s[tosidx.sidei]; - ASSERT(s >= 0); + assert(s >= 0); pif_sockaddr(c, &to_sa, topif, &toside->eaddr, toside->eport); @@ -1141,7 +1141,7 @@ int udp_listen(const struct ctx *c, uint8_t pif, unsigned rule, { int s; - ASSERT(!c->no_udp); + assert(!c->no_udp); if (!c->ifi4) { if (!addr) @@ -1209,7 +1209,7 @@ static void udp_get_timeout_params(struct ctx *c) */ int udp_init(struct ctx *c) { - ASSERT(!c->no_udp); + assert(!c->no_udp); udp_get_timeout_params(c); diff --git a/udp_flow.c b/udp_flow.c index 0023837..7e2453e 100644 --- a/udp_flow.c +++ b/udp_flow.c @@ -31,7 +31,7 @@ struct udp_flow *udp_at_sidx(flow_sidx_t sidx) if (!flow) return NULL; - ASSERT(flow->f.type == FLOW_UDP); + assert(flow->f.type == FLOW_UDP); return &flow->udp; } @@ -280,7 +280,7 @@ flow_sidx_t udp_flow_from_tap(const struct ctx *c, union flow *flow; flow_sidx_t sidx; - ASSERT(pif == PIF_TAP); + assert(pif == PIF_TAP); sidx = flow_lookup_af(c, IPPROTO_UDP, pif, af, saddr, daddr, srcport, dstport); diff --git a/udp_vu.c b/udp_vu.c index acc18d3..cc69654 100644 --- a/udp_vu.c +++ b/udp_vu.c @@ -76,7 +76,7 @@ static int udp_vu_sock_recv(const struct ctx *c, struct vu_virtq *vq, int s, size_t hdrlen, l2len; size_t iov_cnt; - ASSERT(!c->no_udp); + assert(!c->no_udp); if (!vu_queue_enabled(vq) || !vu_queue_started(vq)) { debug("Got UDP packet, but RX virtqueue not usable yet"); @@ -96,10 +96,10 @@ static int udp_vu_sock_recv(const struct ctx *c, struct vu_virtq *vq, int s, if (elem_cnt == 0) return -1; - ASSERT((size_t)elem_cnt == iov_cnt); /* one iovec per element */ + assert((size_t)elem_cnt == iov_cnt); /* one iovec per element */ /* reserve space for the headers */ - ASSERT(iov_vu[0].iov_len >= MAX(hdrlen, ETH_ZLEN + VNET_HLEN)); + assert(iov_vu[0].iov_len >= MAX(hdrlen, ETH_ZLEN + VNET_HLEN)); iov_vu[0].iov_base = (char *)iov_vu[0].iov_base + hdrlen; iov_vu[0].iov_len -= hdrlen; diff --git a/util.c b/util.c index a4f2be4..22318c0 100644 --- a/util.c +++ b/util.c @@ -84,7 +84,7 @@ static int sock_l4_(const struct ctx *c, enum epoll_type type, socktype = SOCK_DGRAM | SOCK_NONBLOCK; break; default: - ASSERT(0); + assert(0); } fd = socket(af, socktype, proto); @@ -884,7 +884,7 @@ int read_all_buf(int fd, void *buf, size_t len) while (left) { ssize_t rc; - ASSERT(left <= len); + assert(left <= len); do rc = read(fd, p, left); @@ -924,7 +924,7 @@ int read_remainder(int fd, const struct iovec *iov, size_t cnt, size_t skip) ssize_t rc; if (offset) { - ASSERT(offset < iov[i].iov_len); + assert(offset < iov[i].iov_len); /* Read the remainder of the partially read buffer */ if (read_all_buf(fd, (char *)iov[i].iov_base + offset, iov[i].iov_len - offset) < 0) diff --git a/util.h b/util.h index 4cbb5da..2fc5cd7 100644 --- a/util.h +++ b/util.h @@ -73,11 +73,20 @@ void abort_with_msg(const char *fmt, ...) * Therefore, avoid using the usual do while wrapper we use to force the macro * to act like a single statement requiring a ';'. */ -#define ASSERT_WITH_MSG(expr, ...) \ +#ifndef NDEBUG +#define assert_with_msg(expr, ...) \ ((expr) ? (void)0 : abort_with_msg(__VA_ARGS__)) -#define ASSERT(expr) \ - ASSERT_WITH_MSG((expr), "ASSERTION FAILED in %s (%s:%d): %s", \ +/* The standard library assert() hits our seccomp filter and dies before it can + * actually print a message. So, replace it with our own version. + */ +#undef assert +#define assert(expr) \ + assert_with_msg((expr), "ASSERTION FAILED in %s (%s:%d): %s", \ __func__, __FILE__, __LINE__, STRINGIFY(expr)) +#else +#define assert_with_msg(expr, ...) \ + ((void)(expr), 0 ? (void)0 : abort_with_msg(__VA_ARGS__)) +#endif #ifdef P_tmpdir #define TMPDIR P_tmpdir diff --git a/vhost_user.c b/vhost_user.c index 9fe1241..75665ec 100644 --- a/vhost_user.c +++ b/vhost_user.c @@ -216,9 +216,9 @@ static int vu_message_read_default(int conn_fd, struct vhost_user_msg *vmsg) cmsg->cmsg_type == SCM_RIGHTS) { size_t fd_size; - ASSERT(cmsg->cmsg_len >= CMSG_LEN(0)); + assert(cmsg->cmsg_len >= CMSG_LEN(0)); fd_size = cmsg->cmsg_len - CMSG_LEN(0); - ASSERT(fd_size <= sizeof(vmsg->fds)); + assert(fd_size <= sizeof(vmsg->fds)); vmsg->fd_num = fd_size / sizeof(int); memcpy(vmsg->fds, CMSG_DATA(cmsg), fd_size); break; @@ -272,7 +272,7 @@ static void vu_message_write(int conn_fd, struct vhost_user_msg *vmsg) }; int rc; - ASSERT(vmsg->fd_num <= VHOST_MEMORY_BASELINE_NREGIONS); + assert(vmsg->fd_num <= VHOST_MEMORY_BASELINE_NREGIONS); if (vmsg->fd_num > 0) { size_t fdsize = vmsg->fd_num * sizeof(int); struct cmsghdr *cmsg; @@ -483,7 +483,7 @@ static bool vu_set_mem_table_exec(struct vu_dev *vdev, } } - ASSERT(vdev->memory.nregions < VHOST_USER_MAX_RAM_SLOTS); + assert(vdev->memory.nregions < VHOST_USER_MAX_RAM_SLOTS); return false; } diff --git a/virtio.c b/virtio.c index a671163..b283de6 100644 --- a/virtio.c +++ b/virtio.c @@ -72,6 +72,7 @@ * SUCH DAMAGE. */ +#include #include #include #include @@ -402,8 +403,8 @@ static bool virtqueue_map_desc(const struct vu_dev *dev, { unsigned int num_sg = *p_num_sg; - ASSERT(num_sg < max_num_sg); - ASSERT(sz); + assert(num_sg < max_num_sg); + assert(sz); while (sz) { uint64_t len = sz; diff --git a/vu_common.c b/vu_common.c index b6e1fa9..92381cd 100644 --- a/vu_common.c +++ b/vu_common.c @@ -41,7 +41,7 @@ int vu_packet_check_range(struct vdev_memory *memory, /* NOLINTNEXTLINE(performance-no-int-to-ptr) */ const char *base = (const char *)base_addr; - ASSERT(base_addr >= dev_region[i].mmap_addr); + assert(base_addr >= dev_region[i].mmap_addr); if (len <= dev_region[i].size && base <= ptr && (size_t)(ptr - base) <= dev_region[i].size - len) @@ -164,7 +164,7 @@ static void vu_handle_tx(struct vu_dev *vdev, int index, int out_sg_count; int count; - ASSERT(VHOST_USER_IS_QUEUE_TX(index)); + assert(VHOST_USER_IS_QUEUE_TX(index)); tap_flush_pools(); -- cgit v1.2.3