potatOS
/
potatOS-for-linux
mirror of https://github.com/systemd/systemd
1
0
Fork 0
Code Issues Releases Wiki Activity

basic: Move assertion specific functions to assert-util.h 

Various functions in log.h are only used by asserts, and there's
enough assertion related stuff in macro.h to justify a separate header
which also makes it easier to avoid circular dependencies.

Let's introduce assert-util.h and an accompanying fundamental header
and move all the assertion related stuff over there. PROJECT_FILE is
moved over to macro.h.
This commit is contained in:
Daan De Meyer 2025-04-12 14:14:04 +02:00
parent edfd847d47
commit 03e17cbe6e
27 changed files with 218 additions and 196 deletions

1
src/basic/alloc-util.h
View File

@ -7,6 +7,7 @@
#include <stdlib.h>
#include <string.h>
#include "assert-util.h"
#include "macro.h"
#if HAS_FEATURE_MEMORY_SANITIZER

1
src/basic/argv-util.h
View File

@ -3,6 +3,7 @@
#include <stdbool.h>
#include "assert-util.h"
#include "macro.h"
extern int saved_argc;

65
src/basic/assert-util.c Normal file
View File

@ -0,0 +1,65 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <stdio.h>
#include "assert-util.h"
#include "errno-util.h"
#include "log.h"
static bool assert_return_is_critical = BUILD_MODE_DEVELOPER;
/* Akin to glibc's __abort_msg; which is private and we hence cannot
* use here. */
static char *log_abort_msg = NULL;
void log_set_assert_return_is_critical(bool b) {
assert_return_is_critical = b;
}
bool log_get_assert_return_is_critical(void) {
return assert_return_is_critical;
}
static void log_assert(
int level,
const char *text,
const char *file,
int line,
const char *func,
const char *format) {
static char buffer[LINE_MAX];
if (_likely_(LOG_PRI(level) > log_get_max_level()))
return;
DISABLE_WARNING_FORMAT_NONLITERAL;
(void) snprintf(buffer, sizeof buffer, format, text, file, line, func);
REENABLE_WARNING;
log_abort_msg = buffer;
log_dispatch_internal(level, 0, file, line, func, NULL, NULL, NULL, NULL, buffer);
}
_noreturn_ void log_assert_failed(const char *text, const char *file, int line, const char *func) {
log_assert(LOG_CRIT, text, file, line, func,
"Assertion '%s' failed at %s:%u, function %s(). Aborting.");
abort();
}
_noreturn_ void log_assert_failed_unreachable(const char *file, int line, const char *func) {
log_assert(LOG_CRIT, "Code should not be reached", file, line, func,
"%s at %s:%u, function %s(). Aborting. 💥");
abort();
}
void log_assert_failed_return(const char *text, const char *file, int line, const char *func) {
if (assert_return_is_critical)
log_assert_failed(text, file, line, func);
PROTECT_ERRNO;
log_assert(LOG_DEBUG, text, file, line, func,
"Assertion '%s' failed at %s:%u, function %s(), ignoring.");
}

84
src/basic/assert-util.h Normal file
View File

@ -0,0 +1,84 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
#include "assert-fundamental.h"
#include "macro.h"
/* Logging for various assertions */
void log_set_assert_return_is_critical(bool b);
bool log_get_assert_return_is_critical(void) _pure_;
_noreturn_ void log_assert_failed(const char *text, const char *file, int line, const char *func);
_noreturn_ void log_assert_failed_unreachable(const char *file, int line, const char *func);
void log_assert_failed_return(const char *text, const char *file, int line, const char *func);
#ifdef __COVERITY__
/* Use special definitions of assertion macros in order to prevent
* false positives of ASSERT_SIDE_EFFECT on Coverity static analyzer
* for uses of assert_se() and assert_return().
*
* These definitions make expression go through a (trivial) function
* call to ensure they are not discarded. Also use ! or !! to ensure
* the boolean expressions are seen as such.
*
* This technique has been described and recommended in:
* https://community.synopsys.com/s/question/0D534000046Yuzb/suppressing-assertsideeffect-for-functions-that-allow-for-sideeffects
*/
extern void __coverity_panic__(void);
static inline void __coverity_check__(int condition) {
if (!condition)
__coverity_panic__();
}
static inline int __coverity_check_and_return__(int condition) {
return condition;
}
#define assert_message_se(expr, message) __coverity_check__(!!(expr))
#define assert_log(expr, message) __coverity_check_and_return__(!!(expr))
#else /* ! __COVERITY__ */
#define assert_message_se(expr, message) \
do { \
if (_unlikely_(!(expr))) \
log_assert_failed(message, PROJECT_FILE, __LINE__, __func__); \
} while (false)
#define assert_log(expr, message) ((_likely_(expr)) \
? (true) \
: (log_assert_failed_return(message, PROJECT_FILE, __LINE__, __func__), false))
#endif /* __COVERITY__ */
#define assert_se(expr) assert_message_se(expr, #expr)
/* We override the glibc assert() here. */
#undef assert
#ifdef NDEBUG
#define assert(expr) ({ if (!(expr)) __builtin_unreachable(); })
#else
#define assert(expr) assert_message_se(expr, #expr)
#endif
#define assert_not_reached() \
log_assert_failed_unreachable(PROJECT_FILE, __LINE__, __func__)
#define assert_return(expr, r) \
do { \
if (!assert_log(expr, #expr)) \
return (r); \
} while (false)
#define assert_return_errno(expr, r, err) \
do { \
if (!assert_log(expr, #expr)) { \
errno = err; \
return (r); \
} \
} while (false)

1
src/basic/dlfcn-util.h
View File

@ -3,6 +3,7 @@
#include <dlfcn.h>
#include "assert-util.h"
#include "macro.h"
static inline void* safe_dlclose(void *dl) {

1
src/basic/errno-util.h
View File

@ -5,6 +5,7 @@
#include <stdlib.h>
#include <string.h>
#include "assert-util.h"
#include "macro.h"
/* strerror(3) says that glibc uses a maximum length of 1024 bytes. */

68
src/basic/log.c
View File

@ -78,11 +78,6 @@ static bool upgrade_syslog_to_journal = false;
static bool always_reopen_console = false;
static bool open_when_needed = false;
static bool prohibit_ipc = false;
static bool assert_return_is_critical = BUILD_MODE_DEVELOPER;
/* Akin to glibc's __abort_msg; which is private and we hence cannot
* use here. */
static char *log_abort_msg = NULL;
static thread_local const char *log_prefix = NULL;
@ -950,61 +945,6 @@ int log_object_internal(
return r;
}
static void log_assert(
int level,
const char *text,
const char *file,
int line,
const char *func,
const char *format) {
static char buffer[LINE_MAX];
if (_likely_(LOG_PRI(level) > log_max_level))
return;
DISABLE_WARNING_FORMAT_NONLITERAL;
(void) snprintf(buffer, sizeof buffer, format, text, file, line, func);
REENABLE_WARNING;
log_abort_msg = buffer;
log_dispatch_internal(level, 0, file, line, func, NULL, NULL, NULL, NULL, buffer);
}
_noreturn_ void log_assert_failed(
const char *text,
const char *file,
int line,
const char *func) {
log_assert(LOG_CRIT, text, file, line, func,
"Assertion '%s' failed at %s:%u, function %s(). Aborting.");
abort();
}
_noreturn_ void log_assert_failed_unreachable(
const char *file,
int line,
const char *func) {
log_assert(LOG_CRIT, "Code should not be reached", file, line, func,
"%s at %s:%u, function %s(). Aborting. 💥");
abort();
}
void log_assert_failed_return(
const char *text,
const char *file,
int line,
const char *func) {
if (assert_return_is_critical)
log_assert_failed(text, file, line, func);
PROTECT_ERRNO;
log_assert(LOG_DEBUG, text, file, line, func,
"Assertion '%s' failed at %s:%u, function %s(), ignoring.");
}
int log_oom_internal(int level, const char *file, int line, const char *func) {
return log_internal(level, ENOMEM, file, line, func, "Out of memory.");
}
@ -1318,14 +1258,6 @@ static int log_set_ratelimit_kmsg_from_string(const char *e) {
return 0;
}
void log_set_assert_return_is_critical(bool b) {
assert_return_is_critical = b;
}
bool log_get_assert_return_is_critical(void) {
return assert_return_is_critical;
}
static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
/*

24
src/basic/log.h
View File

@ -79,9 +79,6 @@ int log_show_tid_from_string(const char *e);
* environment should not be called from library code this is always a job
* for the application itself. */
assert_cc(STRLEN(__FILE__) > STRLEN(RELATIVE_SOURCE_PATH) + 1);
#define PROJECT_FILE (&__FILE__[STRLEN(RELATIVE_SOURCE_PATH) + 1])
bool stderr_is_journal(void);
int log_open(void);
void log_close(void);
@ -185,24 +182,6 @@ int log_dump_internal(
const char *func,
char *buffer);
/* Logging for various assertions */
_noreturn_ void log_assert_failed(
const char *text,
const char *file,
int line,
const char *func);
_noreturn_ void log_assert_failed_unreachable(
const char *file,
int line,
const char *func);
void log_assert_failed_return(
const char *text,
const char *file,
int line,
const char *func);
#define log_dispatch(level, error, buffer) \
log_dispatch_internal(level, error, PROJECT_FILE, __LINE__, __func__, NULL, NULL, NULL, NULL, buffer)
@ -336,9 +315,6 @@ void log_set_open_when_needed(bool b);
* stderr, the console or kmsg */
void log_set_prohibit_ipc(bool b);
void log_set_assert_return_is_critical(bool b);
bool log_get_assert_return_is_critical(void) _pure_;
int log_dup_console(void);
int log_syntax_internal(

73
src/basic/macro.h
View File

@ -42,6 +42,9 @@
#error "neither int nor long are four bytes long?!?"
#endif
assert_cc(STRLEN(__FILE__) > STRLEN(RELATIVE_SOURCE_PATH) + 1);
#define PROJECT_FILE (&__FILE__[STRLEN(RELATIVE_SOURCE_PATH) + 1])
static inline uint64_t u64_multiply_safe(uint64_t a, uint64_t b) {
if (_unlikely_(a != 0 && b > (UINT64_MAX / a)))
return 0; /* overflow */
@ -103,76 +106,6 @@ static inline size_t GREEDY_ALLOC_ROUND_UP(size_t l) {
(type*)( (char *)UNIQ_T(A, uniq) - offsetof(type, member) ); \
})
#ifdef __COVERITY__
/* Use special definitions of assertion macros in order to prevent
* false positives of ASSERT_SIDE_EFFECT on Coverity static analyzer
* for uses of assert_se() and assert_return().
*
* These definitions make expression go through a (trivial) function
* call to ensure they are not discarded. Also use ! or !! to ensure
* the boolean expressions are seen as such.
*
* This technique has been described and recommended in:
* https://community.synopsys.com/s/question/0D534000046Yuzb/suppressing-assertsideeffect-for-functions-that-allow-for-sideeffects
*/
extern void __coverity_panic__(void);
static inline void __coverity_check__(int condition) {
if (!condition)
__coverity_panic__();
}
static inline int __coverity_check_and_return__(int condition) {
return condition;
}
#define assert_message_se(expr, message) __coverity_check__(!!(expr))
#define assert_log(expr, message) __coverity_check_and_return__(!!(expr))
#else /* ! __COVERITY__ */
#define assert_message_se(expr, message) \
do { \
if (_unlikely_(!(expr))) \
log_assert_failed(message, PROJECT_FILE, __LINE__, __func__); \
} while (false)
#define assert_log(expr, message) ((_likely_(expr)) \
? (true) \
: (log_assert_failed_return(message, PROJECT_FILE, __LINE__, __func__), false))
#endif /* __COVERITY__ */
#define assert_se(expr) assert_message_se(expr, #expr)
/* We override the glibc assert() here. */
#undef assert
#ifdef NDEBUG
#define assert(expr) ({ if (!(expr)) __builtin_unreachable(); })
#else
#define assert(expr) assert_message_se(expr, #expr)
#endif
#define assert_not_reached() \
log_assert_failed_unreachable(PROJECT_FILE, __LINE__, __func__)
#define assert_return(expr, r) \
do { \
if (!assert_log(expr, #expr)) \
return (r); \
} while (false)
#define assert_return_errno(expr, r, err) \
do { \
if (!assert_log(expr, #expr)) { \
errno = err; \
return (r); \
} \
} while (false)
#define return_with_errno(r, err) \
do { \
errno = abs(err); \

1
src/basic/meson.build
View File

@ -7,6 +7,7 @@ basic_sources = files(
'architecture.c',
'argv-util.c',
'arphrd-util.c',
'assert-util.c',
'audit-util.c',
'btrfs.c',
'build.c',

1
src/basic/signal-util.h
View File

@ -3,6 +3,7 @@
#include <signal.h>
#include "assert-util.h"
#include "macro.h"
int reset_all_signal_handlers(void);

1
src/basic/stdio-util.h
View File

@ -6,6 +6,7 @@
#include <stdio.h>
#include <sys/types.h>
#include "assert-util.h"
#include "macro.h"
_printf_(3, 4)

1
src/boot/bcd.c
View File

@ -2,6 +2,7 @@
#include <stdalign.h>
#include "assert-fundamental.h"
#include "bcd.h"
#include "efi-string.h"

45
src/fundamental/assert-fundamental.h Normal file
View File

@ -0,0 +1,45 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
#if !SD_BOOT
# include <assert.h>
#endif
#include "macro-fundamental.h"
#if SD_BOOT
_noreturn_ void efi_assert(const char *expr, const char *file, unsigned line, const char *function);
#ifdef NDEBUG
#define assert(expr) ({ if (!(expr)) __builtin_unreachable(); })
#define assert_not_reached() __builtin_unreachable()
#else
#define assert(expr) ({ _likely_(expr) ? VOID_0 : efi_assert(#expr, __FILE__, __LINE__, __func__); })
#define assert_not_reached() efi_assert("Code should not be reached", __FILE__, __LINE__, __func__)
#endif
#define assert_se(expr) ({ _likely_(expr) ? VOID_0 : efi_assert(#expr, __FILE__, __LINE__, __func__); })
#endif
/* This passes the argument through after (if asserts are enabled) checking that it is not null. */
#define ASSERT_PTR(expr) _ASSERT_PTR(expr, UNIQ_T(_expr_, UNIQ), assert)
#define ASSERT_SE_PTR(expr) _ASSERT_PTR(expr, UNIQ_T(_expr_, UNIQ), assert_se)
#define _ASSERT_PTR(expr, var, check) \
({ \
typeof(expr) var = (expr); \
check(var); \
var; \
})
#define ASSERT_NONNEG(expr) \
({ \
typeof(expr) _expr_ = (expr), _zero = 0; \
assert(_expr_ >= _zero); \
_expr_; \
})
#define ASSERT_SE_NONNEG(expr) \
({ \
typeof(expr) _expr_ = (expr), _zero = 0; \
assert_se(_expr_ >= _zero); \
_expr_; \
})

2
src/fundamental/iovec-util-fundamental.h
View File

@ -1,6 +1,8 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
#include "assert-fundamental.h"
#if SD_BOOT
/* struct iovec is a POSIX userspace construct. Let's introduce it also in EFI mode, it's just so useful */
struct iovec {

34
src/fundamental/macro-fundamental.h
View File

@ -145,43 +145,9 @@
#define CONCATENATE(x, y) XCONCATENATE(x, y)
#if SD_BOOT
_noreturn_ void efi_assert(const char *expr, const char *file, unsigned line, const char *function);
#ifdef NDEBUG
#define assert(expr) ({ if (!(expr)) __builtin_unreachable(); })
#define assert_not_reached() __builtin_unreachable()
#else
#define assert(expr) ({ _likely_(expr) ? VOID_0 : efi_assert(#expr, __FILE__, __LINE__, __func__); })
#define assert_not_reached() efi_assert("Code should not be reached", __FILE__, __LINE__, __func__)
#endif
#define static_assert _Static_assert
#define assert_se(expr) ({ _likely_(expr) ? VOID_0 : efi_assert(#expr, __FILE__, __LINE__, __func__); })
#endif
/* This passes the argument through after (if asserts are enabled) checking that it is not null. */
#define ASSERT_PTR(expr) _ASSERT_PTR(expr, UNIQ_T(_expr_, UNIQ), assert)
#define ASSERT_SE_PTR(expr) _ASSERT_PTR(expr, UNIQ_T(_expr_, UNIQ), assert_se)
#define _ASSERT_PTR(expr, var, check) \
({ \
typeof(expr) var = (expr); \
check(var); \
var; \
})
#define ASSERT_NONNEG(expr) \
({ \
typeof(expr) _expr_ = (expr), _zero = 0; \
assert(_expr_ >= _zero); \
_expr_; \
})
#define ASSERT_SE_NONNEG(expr) \
({ \
typeof(expr) _expr_ = (expr), _zero = 0; \
assert_se(_expr_ >= _zero); \
_expr_; \
})
#define assert_cc(expr) static_assert(expr, #expr)
#define UNIQ_T(x, uniq) CONCATENATE(__unique_prefix_, CONCATENATE(x, uniq))

1
src/fundamental/memory-util-fundamental.h
View File

@ -9,6 +9,7 @@
# include <string.h>
#endif
#include "assert-fundamental.h"
#include "macro-fundamental.h"
#define memzero(x, l) \

1
src/fundamental/sha256-fundamental.c
View File

@ -21,6 +21,7 @@
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include "assert-fundamental.h"
#include "macro-fundamental.h"
#include "memory-util-fundamental.h"
#include "sha256-fundamental.h"

1
src/fundamental/string-util-fundamental.h
View File

@ -8,6 +8,7 @@
# include <string.h>
#endif
#include "assert-fundamental.h"
#include "macro-fundamental.h"
#if SD_BOOT

1
src/fuzz/fuzz.h
View File

@ -4,6 +4,7 @@
#include <stddef.h>
#include <stdint.h>
#include "assert-util.h"
#include "env-util.h"
#include "fileio.h"

1
src/shared/fstab-util.h
View File

@ -4,6 +4,7 @@
#include <stdbool.h>
#include <stddef.h>
#include "assert-util.h"
#include "macro.h"
bool fstab_enabled_full(int enabled);

1
src/shared/osc-context.h
View File

@ -3,6 +3,7 @@
#include "sd-id128.h"
#include "assert-util.h"
#include "macro.h"
int osc_context_open_boot(char **ret_seq);

1
src/shared/pretty-print.h
View File

@ -2,6 +2,7 @@
#pragma once
#include "ansi-color.h"
#include "assert-util.h"
#include "glyph-util.h"
#include "terminal-util.h"

1
src/sysupdate/sysupdate-update-set-flags.c
View File

@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "ansi-color.h"
#include "assert-util.h"
#include "glyph-util.h"
#include "sysupdate-update-set-flags.h"
#include "terminal-util.h"

1
src/test/test-dlopen.c
View File

@ -3,6 +3,7 @@
#include <dlfcn.h>
#include <stdlib.h>
#include "assert-util.h"
#include "macro.h"
int main(int argc, char **argv) {

1
src/test/test-sizeof.c
View File

@ -11,6 +11,7 @@
#define __STDC_WANT_IEC_60559_TYPES_EXT__
#include <float.h>
#include "assert-util.h"
#include "time-util.h"
/* Print information about various types. Useful when diagnosing

1
src/udev/udevadm-hwdb.c
View File

@ -2,6 +2,7 @@
#include <getopt.h>
#include "assert-util.h"
#include "hwdb-util.h"
#include "udevadm.h"