From: David Gibson <david@gibson.dropbear.id.au>
To: passt-dev@passt.top, Stefano Brivio <sbrivio@redhat.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH 4/5] treewide: Spell ASSERT() as assert()
Date: Mon, 16 Mar 2026 16:46:28 +1100 [thread overview]
Message-ID: <20260316054629.239002-5-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20260316054629.239002-1-david@gibson.dropbear.id.au>
The standard library assert(3), at least with glibc, hits our seccomp
filter and dies with SIGSYS before it's able to print a message, making it
near useless. Therefore, since 7a8ed9459dfe ("Make assertions actually
useful") we've instead used our own implementation, named ASSERT().
This makes our code look slightly odd though - ASSERT() has the same
overall effect as assert(), it's just a different implementation. More
importantly this makes it awkward to share code between passt/pasta proper
and things that compile in a more typical environment. We're going to want
that for our upcoming dynamic configuration tool.
Address this by overriding the standard library's assert() implementation
with our own, instead of giving ours its own name.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
conf.c | 6 ++--
flow.c | 80 ++++++++++++++++++++++++++--------------------------
flow_table.h | 2 +-
fwd.c | 14 ++++-----
icmp.c | 14 ++++-----
inany.h | 4 +--
iov.c | 2 +-
isolation.c | 2 +-
lineread.c | 4 +--
netlink.c | 2 +-
packet.c | 4 +--
passt.c | 2 +-
pif.c | 4 +--
tap.c | 6 ++--
tcp.c | 24 ++++++++--------
tcp_splice.c | 10 +++----
tcp_vu.c | 8 +++---
udp.c | 22 +++++++--------
udp_flow.c | 4 +--
udp_vu.c | 4 +--
util.c | 6 ++--
util.h | 10 +++++--
vhost_user.c | 8 +++---
virtio.c | 4 +--
vu_common.c | 4 +--
25 files changed, 127 insertions(+), 123 deletions(-)
diff --git a/conf.c b/conf.c
index dafac463..940fb9e9 100644
--- a/conf.c
+++ b/conf.c
@@ -161,7 +161,7 @@ static void conf_ports_range_except(const struct ctx *c, char optname,
else if (optname == 'u' || optname == 'U')
proto = IPPROTO_UDP;
else
- ASSERT(0);
+ assert(0);
if (addr) {
if (!c->ifi4 && inany_v4(addr)) {
@@ -186,7 +186,7 @@ static void conf_ports_range_except(const struct ctx *c, char optname,
/* FIXME: Once the fwd bitmaps are removed, move this
* workaround to the caller
*/
- ASSERT(!addr && ifname && !strcmp(ifname, "lo"));
+ assert(!addr && ifname && !strcmp(ifname, "lo"));
warn(
"SO_BINDTODEVICE unavailable, forwarding only 127.0.0.1 and ::1 for '-%c %s'",
optname, optarg);
@@ -1743,7 +1743,7 @@ void conf(struct ctx *c, int argc, char **argv)
die("Invalid host nameserver address: %s", optarg);
case 25:
/* Already handled in conf_mode() */
- ASSERT(c->mode == MODE_VU);
+ assert(c->mode == MODE_VU);
break;
case 26:
vu_print_capabilities();
diff --git a/flow.c b/flow.c
index 735d3c5f..4282da2e 100644
--- a/flow.c
+++ b/flow.c
@@ -216,7 +216,7 @@ int flowside_sock_l4(const struct ctx *c, enum epoll_type type, uint8_t pif,
const char *ifname = NULL;
union sockaddr_inany sa;
- ASSERT(pif_is_socket(pif));
+ assert(pif_is_socket(pif));
pif_sockaddr(c, &sa, pif, &tgt->oaddr, tgt->oport);
@@ -244,7 +244,7 @@ int flowside_sock_l4(const struct ctx *c, enum epoll_type type, uint8_t pif,
/* If we add new socket pifs, they'll need to be implemented
* here
*/
- ASSERT(0);
+ assert(0);
}
}
@@ -341,8 +341,8 @@ static void flow_set_state(struct flow_common *f, enum flow_state state)
{
uint8_t oldstate = f->state;
- ASSERT(state < FLOW_NUM_STATES);
- ASSERT(oldstate < FLOW_NUM_STATES);
+ assert(state < FLOW_NUM_STATES);
+ assert(oldstate < FLOW_NUM_STATES);
f->state = state;
flow_log_(f, true, LOG_DEBUG, "%s -> %s", flow_state_str[oldstate],
@@ -369,7 +369,7 @@ int flow_epollfd(const struct flow_common *f)
*/
void flow_epollid_set(struct flow_common *f, int epollid)
{
- ASSERT(epollid < EPOLLFD_ID_SIZE);
+ assert(epollid < EPOLLFD_ID_SIZE);
f->epollid = epollid;
}
@@ -407,7 +407,7 @@ int flow_epoll_set(const struct flow_common *f, int command, uint32_t events,
*/
void flow_epollid_register(int epollid, int epollfd)
{
- ASSERT(epollid < EPOLLFD_ID_SIZE);
+ assert(epollid < EPOLLFD_ID_SIZE);
epoll_id_to_fd[epollid] = epollfd;
}
@@ -421,10 +421,10 @@ static void flow_initiate_(union flow *flow, uint8_t pif)
{
struct flow_common *f = &flow->f;
- ASSERT(pif != PIF_NONE);
- ASSERT(flow_new_entry == flow && f->state == FLOW_STATE_NEW);
- ASSERT(f->type == FLOW_TYPE_NONE);
- ASSERT(f->pif[INISIDE] == PIF_NONE && f->pif[TGTSIDE] == PIF_NONE);
+ assert(pif != PIF_NONE);
+ assert(flow_new_entry == flow && f->state == FLOW_STATE_NEW);
+ assert(f->type == FLOW_TYPE_NONE);
+ assert(f->pif[INISIDE] == PIF_NONE && f->pif[TGTSIDE] == PIF_NONE);
f->pif[INISIDE] = pif;
flow_set_state(f, FLOW_STATE_INI);
@@ -474,7 +474,7 @@ struct flowside *flow_initiate_sa(union flow *flow, uint8_t pif,
if (inany_from_sockaddr(&ini->eaddr, &ini->eport, ssa) < 0) {
char str[SOCKADDR_STRLEN];
- ASSERT_WITH_MSG(0, "Bad socket address %s",
+ assert_with_msg(0, "Bad socket address %s",
sockaddr_ntop(ssa, str, sizeof(str)));
}
if (daddr)
@@ -508,10 +508,10 @@ struct flowside *flow_target(const struct ctx *c, union flow *flow,
const struct fwd_table *fwd;
uint8_t tgtpif = PIF_NONE;
- ASSERT(flow_new_entry == flow && f->state == FLOW_STATE_INI);
- ASSERT(f->type == FLOW_TYPE_NONE);
- ASSERT(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] == PIF_NONE);
- ASSERT(flow->f.state == FLOW_STATE_INI);
+ assert(flow_new_entry == flow && f->state == FLOW_STATE_INI);
+ assert(f->type == FLOW_TYPE_NONE);
+ assert(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] == PIF_NONE);
+ assert(flow->f.state == FLOW_STATE_INI);
switch (f->pif[INISIDE]) {
case PIF_TAP:
@@ -574,10 +574,10 @@ union flow *flow_set_type(union flow *flow, enum flow_type type)
{
struct flow_common *f = &flow->f;
- ASSERT(type != FLOW_TYPE_NONE);
- ASSERT(flow_new_entry == flow && f->state == FLOW_STATE_TGT);
- ASSERT(f->type == FLOW_TYPE_NONE);
- ASSERT(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE);
+ assert(type != FLOW_TYPE_NONE);
+ assert(flow_new_entry == flow && f->state == FLOW_STATE_TGT);
+ assert(f->type == FLOW_TYPE_NONE);
+ assert(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE);
f->type = type;
flow_set_state(f, FLOW_STATE_TYPED);
@@ -590,8 +590,8 @@ union flow *flow_set_type(union flow *flow, enum flow_type type)
*/
void flow_activate(struct flow_common *f)
{
- ASSERT(&flow_new_entry->f == f && f->state == FLOW_STATE_TYPED);
- ASSERT(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE);
+ assert(&flow_new_entry->f == f && f->state == FLOW_STATE_TYPED);
+ assert(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] != PIF_NONE);
flow_set_state(f, FLOW_STATE_ACTIVE);
flow_new_entry = NULL;
@@ -606,26 +606,26 @@ union flow *flow_alloc(void)
{
union flow *flow = &flowtab[flow_first_free];
- ASSERT(!flow_new_entry);
+ assert(!flow_new_entry);
if (flow_first_free >= FLOW_MAX)
return NULL;
- ASSERT(flow->f.state == FLOW_STATE_FREE);
- ASSERT(flow->f.type == FLOW_TYPE_NONE);
- ASSERT(flow->free.n >= 1);
- ASSERT(flow_first_free + flow->free.n <= FLOW_MAX);
+ assert(flow->f.state == FLOW_STATE_FREE);
+ assert(flow->f.type == FLOW_TYPE_NONE);
+ assert(flow->free.n >= 1);
+ assert(flow_first_free + flow->free.n <= FLOW_MAX);
if (flow->free.n > 1) {
union flow *next;
/* Use one entry from the cluster */
- ASSERT(flow_first_free <= FLOW_MAX - 2);
+ assert(flow_first_free <= FLOW_MAX - 2);
next = &flowtab[++flow_first_free];
- ASSERT(FLOW_IDX(next) < FLOW_MAX);
- ASSERT(next->f.type == FLOW_TYPE_NONE);
- ASSERT(next->free.n == 0);
+ assert(FLOW_IDX(next) < FLOW_MAX);
+ assert(next->f.type == FLOW_TYPE_NONE);
+ assert(next->free.n == 0);
next->free.n = flow->free.n - 1;
next->free.next = flow->free.next;
@@ -649,12 +649,12 @@ union flow *flow_alloc(void)
*/
void flow_alloc_cancel(union flow *flow)
{
- ASSERT(flow_new_entry == flow);
- ASSERT(flow->f.state == FLOW_STATE_NEW ||
+ assert(flow_new_entry == flow);
+ assert(flow->f.state == FLOW_STATE_NEW ||
flow->f.state == FLOW_STATE_INI ||
flow->f.state == FLOW_STATE_TGT ||
flow->f.state == FLOW_STATE_TYPED);
- ASSERT(flow_first_free > FLOW_IDX(flow));
+ assert(flow_first_free > FLOW_IDX(flow));
flow_set_state(&flow->f, FLOW_STATE_FREE);
memset(flow, 0, sizeof(*flow));
@@ -704,7 +704,7 @@ static uint64_t flow_sidx_hash(const struct ctx *c, flow_sidx_t sidx)
const struct flowside *side = &f->side[sidx.sidei];
uint8_t pif = f->pif[sidx.sidei];
- ASSERT(pif != PIF_NONE);
+ assert(pif != PIF_NONE);
return flow_hash(c, FLOW_PROTO(f), pif, side);
}
@@ -897,7 +897,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now)
flow_timer_run = *now;
}
- ASSERT(!flow_new_entry); /* Incomplete flow at end of cycle */
+ assert(!flow_new_entry); /* Incomplete flow at end of cycle */
/* Check which flows we might need to close first, but don't free them
* yet as it's not safe to do that in the middle of flow_foreach().
@@ -907,7 +907,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now)
switch (flow->f.type) {
case FLOW_TYPE_NONE:
- ASSERT(false);
+ assert(false);
break;
case FLOW_TCP:
closed = tcp_flow_defer(&flow->tcp);
@@ -942,7 +942,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now)
unsigned skip = flow->free.n;
/* First entry of a free cluster must have n >= 1 */
- ASSERT(skip);
+ assert(skip);
if (free_head) {
/* Merge into preceding free cluster */
@@ -965,7 +965,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now)
case FLOW_STATE_TGT:
case FLOW_STATE_TYPED:
/* Incomplete flow at end of cycle */
- ASSERT(false);
+ assert(false);
break;
case FLOW_STATE_ACTIVE:
@@ -975,7 +975,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now)
if (free_head) {
/* Add slot to current free cluster */
- ASSERT(FLOW_IDX(flow) ==
+ assert(FLOW_IDX(flow) ==
FLOW_IDX(free_head) + free_head->n);
free_head->n++;
flow->free.n = flow->free.next = 0;
@@ -992,7 +992,7 @@ void flow_defer_handler(const struct ctx *c, const struct timespec *now)
break;
default:
- ASSERT(false);
+ assert(false);
}
}
diff --git a/flow_table.h b/flow_table.h
index 8fb7b5c3..7694e726 100644
--- a/flow_table.h
+++ b/flow_table.h
@@ -176,7 +176,7 @@ static inline flow_sidx_t flow_sidx(const struct flow_common *f,
unsigned sidei)
{
/* cppcheck-suppress [knownConditionTrueFalse, unmatchedSuppression] */
- ASSERT(sidei == !!sidei);
+ assert(sidei == !!sidei);
return (flow_sidx_t){
.sidei = sidei,
diff --git a/fwd.c b/fwd.c
index bedbf98a..f3b4bf2a 100644
--- a/fwd.c
+++ b/fwd.c
@@ -352,7 +352,7 @@ void fwd_rule_add(struct fwd_table *fwd, uint8_t proto, uint8_t flags,
struct fwd_rule *new;
unsigned i, port;
- ASSERT(!(flags & ~allowed_flags));
+ assert(!(flags & ~allowed_flags));
if (fwd->count >= ARRAY_SIZE(fwd->rules))
die("Too many port forwarding ranges");
@@ -402,7 +402,7 @@ void fwd_rule_add(struct fwd_table *fwd, uint8_t proto, uint8_t flags,
die("Invalid interface name: %s", ifname);
}
- ASSERT(first <= last);
+ assert(first <= last);
new->first = first;
new->last = last;
@@ -450,7 +450,7 @@ const struct fwd_rule *fwd_rule_search(const struct fwd_table *fwd,
char ostr[INANY_ADDRSTRLEN], rstr[INANY_ADDRSTRLEN];
const struct fwd_rule *rule = &fwd->rules[hint];
- ASSERT((unsigned)hint < fwd->count);
+ assert((unsigned)hint < fwd->count);
if (fwd_rule_match(rule, ini, proto))
return rule;
@@ -521,14 +521,14 @@ static int fwd_sync_one(const struct ctx *c, const struct fwd_table *fwd,
bool bound_one = false;
unsigned port, idx;
- ASSERT(pif_is_socket(pif));
+ assert(pif_is_socket(pif));
if (!*ifname)
ifname = NULL;
idx = rule - fwd->rules;
- ASSERT(idx < MAX_FWD_RULES);
- ASSERT(!(rule->flags & FWD_SCAN && !scanmap));
+ assert(idx < MAX_FWD_RULES);
+ assert(!(rule->flags & FWD_SCAN && !scanmap));
for (port = rule->first; port <= rule->last; port++) {
int fd = rule->socks[port - rule->first];
@@ -554,7 +554,7 @@ static int fwd_sync_one(const struct ctx *c, const struct fwd_table *fwd,
else if (rule->proto == IPPROTO_UDP)
fd = udp_listen(c, pif, idx, addr, ifname, port);
else
- ASSERT(0);
+ assert(0);
if (fd < 0) {
char astr[INANY_ADDRSTRLEN];
diff --git a/icmp.c b/icmp.c
index 0b0f593c..18b6106a 100644
--- a/icmp.c
+++ b/icmp.c
@@ -58,7 +58,7 @@ static struct icmp_ping_flow *ping_at_sidx(flow_sidx_t sidx)
if (!flow)
return NULL;
- ASSERT(flow->f.type == FLOW_PING4 || flow->f.type == FLOW_PING6);
+ assert(flow->f.type == FLOW_PING4 || flow->f.type == FLOW_PING6);
return &flow->ping;
}
@@ -80,7 +80,7 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref)
if (c->no_icmp)
return;
- ASSERT(pingf);
+ assert(pingf);
n = recvfrom(ref.fd, buf, sizeof(buf), 0, &sr.sa, &sl);
if (n < 0) {
@@ -109,7 +109,7 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref)
ih6->icmp6_identifier = htons(ini->eport);
seq = ntohs(ih6->icmp6_sequence);
} else {
- ASSERT(0);
+ assert(0);
}
/* In PASTA mode, we'll get any reply we send, discard them. */
@@ -131,7 +131,7 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref)
const struct in_addr *saddr = inany_v4(&ini->oaddr);
const struct in_addr *daddr = inany_v4(&ini->eaddr);
- ASSERT(saddr && daddr); /* Must have IPv4 addresses */
+ assert(saddr && daddr); /* Must have IPv4 addresses */
tap_icmp4_send(c, *saddr, *daddr, buf, pingf->f.tap_omac, n);
} else if (pingf->f.type == FLOW_PING6) {
const struct in6_addr *saddr = &ini->oaddr.a6;
@@ -256,7 +256,7 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
int cnt;
(void)saddr;
- ASSERT(pif == PIF_TAP);
+ assert(pif == PIF_TAP);
if (af == AF_INET) {
struct icmphdr ih_storage;
@@ -287,7 +287,7 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
id = ntohs(ih->icmp6_identifier);
seq = ntohs(ih->icmp6_sequence);
} else {
- ASSERT(0);
+ assert(0);
}
cnt = iov_tail_clone(&iov[0], MAX_IOV_ICMP, data);
@@ -304,7 +304,7 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
tgt = &pingf->f.side[TGTSIDE];
- ASSERT(flow_proto[pingf->f.type] == proto);
+ assert(flow_proto[pingf->f.type] == proto);
pingf->ts = now->tv_sec;
pif_sockaddr(c, &sa, PIF_HOST, &tgt->eaddr, 0);
diff --git a/inany.h b/inany.h
index 9891ed6b..30e24164 100644
--- a/inany.h
+++ b/inany.h
@@ -86,7 +86,7 @@ static inline socklen_t socklen_inany(const union sockaddr_inany *sa)
case AF_INET6:
return sizeof(sa->sa6);
default:
- ASSERT(0);
+ assert(0);
}
}
@@ -268,7 +268,7 @@ static inline void inany_from_af(union inany_addr *aa,
aa->v4mapped.a4 = *((struct in_addr *)addr);
} else {
/* Not valid to call with other address families */
- ASSERT(0);
+ assert(0);
}
}
diff --git a/iov.c b/iov.c
index 31a3f5bc..b710daff 100644
--- a/iov.c
+++ b/iov.c
@@ -118,7 +118,7 @@ size_t iov_to_buf(const struct iovec *iov, size_t iov_cnt,
for (copied = 0; copied < bytes && i < iov_cnt; i++) {
size_t len = MIN(iov[i].iov_len - offset, bytes - copied);
- ASSERT(iov[i].iov_base);
+ assert(iov[i].iov_base);
memcpy((char *)buf + copied, (char *)iov[i].iov_base + offset,
len);
diff --git a/isolation.c b/isolation.c
index b25f3498..7e6225df 100644
--- a/isolation.c
+++ b/isolation.c
@@ -396,7 +396,7 @@ void isolate_postfork(const struct ctx *c)
prog.filter = filter_vu;
break;
default:
- ASSERT(0);
+ assert(0);
}
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
diff --git a/lineread.c b/lineread.c
index 4225de61..b19f5ebf 100644
--- a/lineread.c
+++ b/lineread.c
@@ -44,8 +44,8 @@ static ssize_t peek_line(struct lineread *lr, bool eof)
char *nl;
/* Sanity checks (which also document invariants) */
- ASSERT(lr->next_line + lr->count >= lr->next_line);
- ASSERT(lr->next_line + lr->count <= LINEREAD_BUFFER_SIZE);
+ assert(lr->next_line + lr->count >= lr->next_line);
+ assert(lr->next_line + lr->count <= LINEREAD_BUFFER_SIZE);
nl = memchr(lr->buf + lr->next_line, '\n', lr->count);
diff --git a/netlink.c b/netlink.c
index e07b47f4..6b74e882 100644
--- a/netlink.c
+++ b/netlink.c
@@ -160,7 +160,7 @@ static uint32_t nl_send(int s, void *req, uint16_t type,
*/
static int nl_status(const struct nlmsghdr *nh, ssize_t n, uint32_t seq)
{
- ASSERT(NLMSG_OK(nh, n));
+ assert(NLMSG_OK(nh, n));
if (nh->nlmsg_seq != seq)
die("netlink: Unexpected sequence number (%u != %u)",
diff --git a/packet.c b/packet.c
index 890561bb..1cb74b74 100644
--- a/packet.c
+++ b/packet.c
@@ -168,7 +168,7 @@ bool packet_get_do(const struct pool *p, size_t idx,
{
size_t i;
- ASSERT_WITH_MSG(p->count <= p->size,
+ assert_with_msg(p->count <= p->size,
"Corrupted pool count: %zu, size: %zu, %s:%i",
p->count, p->size, func, line);
@@ -188,7 +188,7 @@ bool packet_get_do(const struct pool *p, size_t idx,
data->off = 0;
for (i = 0; i < data->cnt; i++) {
- ASSERT_WITH_MSG(!packet_check_range(p, data->iov[i].iov_base,
+ assert_with_msg(!packet_check_range(p, data->iov[i].iov_base,
data->iov[i].iov_len,
func, line),
"Corrupt packet pool, %s:%i", func, line);
diff --git a/passt.c b/passt.c
index fc3b89b8..f84419c7 100644
--- a/passt.c
+++ b/passt.c
@@ -305,7 +305,7 @@ static void passt_worker(void *opaque, int nfds, struct epoll_event *events)
break;
default:
/* Can't happen */
- ASSERT(0);
+ assert(0);
}
stats.events[ref.type]++;
print_stats(c, &stats, &now);
diff --git a/pif.c b/pif.c
index 82a3b5e4..1e807247 100644
--- a/pif.c
+++ b/pif.c
@@ -39,7 +39,7 @@ void pif_sockaddr(const struct ctx *c, union sockaddr_inany *sa,
{
const struct in_addr *v4 = inany_v4(addr);
- ASSERT(pif_is_socket(pif));
+ assert(pif_is_socket(pif));
if (v4) {
sa->sa_family = AF_INET;
@@ -83,7 +83,7 @@ int pif_listen(const struct ctx *c, enum epoll_type type, uint8_t pif,
union epoll_ref ref;
int ret;
- ASSERT(pif_is_socket(pif));
+ assert(pif_is_socket(pif));
if (!addr) {
ref.fd = sock_l4_dualstack_any(c, type, port, ifname);
diff --git a/tap.c b/tap.c
index eaa6111a..1049e023 100644
--- a/tap.c
+++ b/tap.c
@@ -117,7 +117,7 @@ unsigned long tap_l2_max_len(const struct ctx *c)
return L2_MAX_LEN_VU;
}
/* NOLINTEND(bugprone-branch-clone) */
- ASSERT(0);
+ assert(0);
return 0; /* Unreachable, for cppcheck's sake */
}
@@ -543,7 +543,7 @@ size_t tap_send_frames(const struct ctx *c, const struct iovec *iov,
case MODE_VU:
/* fall through */
default:
- ASSERT(0);
+ assert(0);
}
if (m < nframes)
@@ -1536,7 +1536,7 @@ void tap_backend_init(struct ctx *c)
}
if (c->fd_tap != -1) { /* Passed as --fd */
- ASSERT(c->one_off);
+ assert(c->one_off);
tap_start_connection(c);
return;
}
diff --git a/tcp.c b/tcp.c
index 9d91c3c8..b1458624 100644
--- a/tcp.c
+++ b/tcp.c
@@ -461,7 +461,7 @@ static struct tcp_tap_conn *conn_at_sidx(flow_sidx_t sidx)
if (!flow)
return NULL;
- ASSERT(flow->f.type == FLOW_TCP);
+ assert(flow->f.type == FLOW_TCP);
return &flow->tcp;
}
@@ -966,7 +966,7 @@ size_t tcp_fill_headers(const struct ctx *c, struct tcp_tap_conn *conn,
const struct in_addr *src4 = inany_v4(&tapside->oaddr);
const struct in_addr *dst4 = inany_v4(&tapside->eaddr);
- ASSERT(src4 && dst4);
+ assert(src4 && dst4);
l3len += + sizeof(*ip4h);
@@ -1879,7 +1879,7 @@ static int tcp_data_from_tap(const struct ctx *c, struct tcp_tap_conn *conn,
if (conn->events == CLOSED)
return p->count - idx;
- ASSERT(conn->events & ESTABLISHED);
+ assert(conn->events & ESTABLISHED);
for (i = idx, iov_i = 0; i < (int)p->count; i++) {
uint32_t seq, seq_offset, ack_seq;
@@ -2260,8 +2260,8 @@ int tcp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
return 1;
}
- ASSERT(flow->f.type == FLOW_TCP);
- ASSERT(pif_at_sidx(sidx) == PIF_TAP);
+ assert(flow->f.type == FLOW_TCP);
+ assert(pif_at_sidx(sidx) == PIF_TAP);
conn = &flow->tcp;
flow_trace(conn, "packet length %zu from tap", l4len);
@@ -2500,7 +2500,7 @@ void tcp_listen_handler(const struct ctx *c, union epoll_ref ref,
union flow *flow;
int s;
- ASSERT(!c->no_tcp);
+ assert(!c->no_tcp);
if (!(flow = flow_alloc()))
return;
@@ -2570,8 +2570,8 @@ void tcp_timer_handler(const struct ctx *c, union epoll_ref ref)
struct itimerspec check_armed = { { 0 }, { 0 } };
struct tcp_tap_conn *conn = &FLOW(ref.flow)->tcp;
- ASSERT(!c->no_tcp);
- ASSERT(conn->f.type == FLOW_TCP);
+ assert(!c->no_tcp);
+ assert(conn->f.type == FLOW_TCP);
/* We don't reset timers on ~ACK_FROM_TAP_DUE, ~ACK_TO_TAP_DUE. If the
* timer is currently armed, this event came from a previous setting,
@@ -2632,8 +2632,8 @@ void tcp_sock_handler(const struct ctx *c, union epoll_ref ref,
{
struct tcp_tap_conn *conn = conn_at_sidx(ref.flowside);
- ASSERT(!c->no_tcp);
- ASSERT(pif_at_sidx(ref.flowside) != PIF_TAP);
+ assert(!c->no_tcp);
+ assert(pif_at_sidx(ref.flowside) != PIF_TAP);
if (conn->events == CLOSED)
return;
@@ -2701,7 +2701,7 @@ int tcp_listen(const struct ctx *c, uint8_t pif, unsigned rule,
{
int s;
- ASSERT(!c->no_tcp);
+ assert(!c->no_tcp);
if (!c->ifi4) {
if (!addr)
@@ -2853,7 +2853,7 @@ static void tcp_get_rto_params(struct ctx *c)
*/
int tcp_init(struct ctx *c)
{
- ASSERT(!c->no_tcp);
+ assert(!c->no_tcp);
tcp_get_rto_params(c);
diff --git a/tcp_splice.c b/tcp_splice.c
index d60981ca..42ee8abc 100644
--- a/tcp_splice.c
+++ b/tcp_splice.c
@@ -105,7 +105,7 @@ static struct tcp_splice_conn *conn_at_sidx(flow_sidx_t sidx)
if (!flow)
return NULL;
- ASSERT(flow->f.type == FLOW_TCP_SPLICE);
+ assert(flow->f.type == FLOW_TCP_SPLICE);
return &flow->tcp_splice;
}
@@ -369,7 +369,7 @@ static int tcp_splice_connect(const struct ctx *c, struct tcp_splice_conn *conn)
else if (tgtpif == PIF_SPLICE)
conn->s[1] = tcp_conn_sock_ns(c, af);
else
- ASSERT(0);
+ assert(0);
if (conn->s[1] < 0)
return -1;
@@ -457,7 +457,7 @@ void tcp_splice_conn_from_sock(const struct ctx *c, union flow *flow, int s0)
struct tcp_splice_conn *conn = FLOW_SET_TYPE(flow, FLOW_TCP_SPLICE,
tcp_splice);
- ASSERT(c->mode == MODE_PASTA);
+ assert(c->mode == MODE_PASTA);
conn->s[0] = s0;
conn->s[1] = -1;
@@ -489,7 +489,7 @@ void tcp_splice_sock_handler(struct ctx *c, union epoll_ref ref,
uint8_t lowat_set_flag, lowat_act_flag;
int eof, never_read;
- ASSERT(conn->f.type == FLOW_TCP_SPLICE);
+ assert(conn->f.type == FLOW_TCP_SPLICE);
if (conn->events == SPLICE_CLOSED)
return;
@@ -779,7 +779,7 @@ void tcp_splice_timer(struct tcp_splice_conn *conn)
{
unsigned sidei;
- ASSERT(!(conn->flags & CLOSING));
+ assert(!(conn->flags & CLOSING));
flow_foreach_sidei(sidei) {
if ((conn->flags & RCVLOWAT_SET(sidei)) &&
diff --git a/tcp_vu.c b/tcp_vu.c
index fd734e85..826a38d1 100644
--- a/tcp_vu.c
+++ b/tcp_vu.c
@@ -94,7 +94,7 @@ int tcp_vu_send_flag(const struct ctx *c, struct tcp_tap_conn *conn, int flags)
if (elem_cnt != 1)
return -1;
- ASSERT(flags_elem[0].in_sg[0].iov_len >=
+ assert(flags_elem[0].in_sg[0].iov_len >=
MAX(hdrlen + sizeof(*opts), ETH_ZLEN + VNET_HLEN));
vu_set_vnethdr(flags_elem[0].in_sg[0].iov_base, 1);
@@ -221,7 +221,7 @@ static ssize_t tcp_vu_sock_recv(const struct ctx *c, struct vu_virtq *vq,
/* reserve space for headers in iov */
iov = &elem[elem_cnt].in_sg[0];
- ASSERT(iov->iov_len >= hdrlen);
+ assert(iov->iov_len >= hdrlen);
iov->iov_base = (char *)iov->iov_base + hdrlen;
iov->iov_len -= hdrlen;
head[(*head_cnt)++] = elem_cnt;
@@ -298,7 +298,7 @@ static void tcp_vu_prepare(const struct ctx *c, struct tcp_tap_conn *conn,
/* we guess the first iovec provided by the guest can embed
* all the headers needed by L2 frame, including any padding
*/
- ASSERT(iov[0].iov_len >= hdrlen);
+ assert(iov[0].iov_len >= hdrlen);
eh = vu_eth(base);
@@ -445,7 +445,7 @@ int tcp_vu_data_from_sock(const struct ctx *c, struct tcp_tap_conn *conn)
ssize_t dlen;
size_t l2len;
- ASSERT(frame_size >= hdrlen);
+ assert(frame_size >= hdrlen);
dlen = frame_size - hdrlen;
vu_set_vnethdr(iov->iov_base, buf_cnt);
diff --git a/udp.c b/udp.c
index 2275c16b..1fc5a42c 100644
--- a/udp.c
+++ b/udp.c
@@ -271,7 +271,7 @@ size_t udp_update_hdr4(struct iphdr *ip4h, struct udp_payload_t *bp,
size_t l4len = dlen + sizeof(bp->uh);
size_t l3len = l4len + sizeof(*ip4h);
- ASSERT(src && dst);
+ assert(src && dst);
ip4h->tot_len = htons(l3len);
ip4h->daddr = dst->s_addr;
@@ -431,7 +431,7 @@ static void udp_send_tap_icmp4(const struct ctx *c,
size_t msglen = sizeof(msg) - sizeof(msg.data) + dlen;
size_t l4len = dlen + sizeof(struct udphdr);
- ASSERT(dlen <= ICMP4_MAX_DLEN);
+ assert(dlen <= ICMP4_MAX_DLEN);
memset(&msg, 0, sizeof(msg));
msg.icmp4h.type = ee->ee_type;
msg.icmp4h.code = ee->ee_code;
@@ -480,7 +480,7 @@ static void udp_send_tap_icmp6(const struct ctx *c,
size_t msglen = sizeof(msg) - sizeof(msg.data) + dlen;
size_t l4len = dlen + sizeof(struct udphdr);
- ASSERT(dlen <= ICMP6_MAX_DLEN);
+ assert(dlen <= ICMP6_MAX_DLEN);
memset(&msg, 0, sizeof(msg));
msg.icmp6h.icmp6_type = ee->ee_type;
msg.icmp6h.icmp6_code = ee->ee_code;
@@ -628,7 +628,7 @@ static int udp_sock_recverr(const struct ctx *c, int s, flow_sidx_t sidx,
}
uflow = udp_at_sidx(sidx);
- ASSERT(uflow);
+ assert(uflow);
fromside = &uflow->f.side[sidx.sidei];
toside = &uflow->f.side[!sidx.sidei];
topif = uflow->f.pif[!sidx.sidei];
@@ -692,7 +692,7 @@ static int udp_sock_errs(const struct ctx *c, int s, flow_sidx_t sidx,
socklen_t errlen;
int rc, err;
- ASSERT(!c->no_udp);
+ assert(!c->no_udp);
/* Empty the error queue */
while ((rc = udp_sock_recverr(c, s, sidx, pif, port)) > 0)
@@ -772,7 +772,7 @@ static int udp_peek_addr(int s, union sockaddr_inany *src,
*/
static int udp_sock_recv(const struct ctx *c, int s, struct mmsghdr *mmh, int n)
{
- ASSERT(!c->no_udp);
+ assert(!c->no_udp);
n = recvmmsg(s, mmh, n, 0, NULL);
if (n < 0) {
@@ -940,7 +940,7 @@ void udp_sock_handler(const struct ctx *c, union epoll_ref ref,
{
struct udp_flow *uflow = udp_at_sidx(ref.flowside);
- ASSERT(!c->no_udp && uflow);
+ assert(!c->no_udp && uflow);
if (events & EPOLLERR) {
if (udp_sock_errs(c, ref.fd, ref.flowside, PIF_NONE, 0) < 0) {
@@ -1023,7 +1023,7 @@ int udp_tap_handler(const struct ctx *c, uint8_t pif,
in_port_t src, dst;
uint8_t topif;
- ASSERT(!c->no_udp);
+ assert(!c->no_udp);
if (!packet_get(p, idx, &data))
return 1;
@@ -1061,7 +1061,7 @@ int udp_tap_handler(const struct ctx *c, uint8_t pif,
toside = flowside_at_sidx(tosidx);
s = uflow->s[tosidx.sidei];
- ASSERT(s >= 0);
+ assert(s >= 0);
pif_sockaddr(c, &to_sa, topif, &toside->eaddr, toside->eport);
@@ -1141,7 +1141,7 @@ int udp_listen(const struct ctx *c, uint8_t pif, unsigned rule,
{
int s;
- ASSERT(!c->no_udp);
+ assert(!c->no_udp);
if (!c->ifi4) {
if (!addr)
@@ -1209,7 +1209,7 @@ static void udp_get_timeout_params(struct ctx *c)
*/
int udp_init(struct ctx *c)
{
- ASSERT(!c->no_udp);
+ assert(!c->no_udp);
udp_get_timeout_params(c);
diff --git a/udp_flow.c b/udp_flow.c
index 00238372..7e2453e7 100644
--- a/udp_flow.c
+++ b/udp_flow.c
@@ -31,7 +31,7 @@ struct udp_flow *udp_at_sidx(flow_sidx_t sidx)
if (!flow)
return NULL;
- ASSERT(flow->f.type == FLOW_UDP);
+ assert(flow->f.type == FLOW_UDP);
return &flow->udp;
}
@@ -280,7 +280,7 @@ flow_sidx_t udp_flow_from_tap(const struct ctx *c,
union flow *flow;
flow_sidx_t sidx;
- ASSERT(pif == PIF_TAP);
+ assert(pif == PIF_TAP);
sidx = flow_lookup_af(c, IPPROTO_UDP, pif, af, saddr, daddr,
srcport, dstport);
diff --git a/udp_vu.c b/udp_vu.c
index 5effca77..7939290f 100644
--- a/udp_vu.c
+++ b/udp_vu.c
@@ -75,7 +75,7 @@ static int udp_vu_sock_recv(const struct ctx *c, struct vu_virtq *vq, int s,
int iov_cnt, iov_used;
size_t hdrlen, l2len;
- ASSERT(!c->no_udp);
+ assert(!c->no_udp);
if (!vu_queue_enabled(vq) || !vu_queue_started(vq)) {
debug("Got UDP packet, but RX virtqueue not usable yet");
@@ -97,7 +97,7 @@ static int udp_vu_sock_recv(const struct ctx *c, struct vu_virtq *vq, int s,
return -1;
/* reserve space for the headers */
- ASSERT(iov_vu[0].iov_len >= MAX(hdrlen, ETH_ZLEN + VNET_HLEN));
+ assert(iov_vu[0].iov_len >= MAX(hdrlen, ETH_ZLEN + VNET_HLEN));
iov_vu[0].iov_base = (char *)iov_vu[0].iov_base + hdrlen;
iov_vu[0].iov_len -= hdrlen;
diff --git a/util.c b/util.c
index a4f2be42..22318c00 100644
--- a/util.c
+++ b/util.c
@@ -84,7 +84,7 @@ static int sock_l4_(const struct ctx *c, enum epoll_type type,
socktype = SOCK_DGRAM | SOCK_NONBLOCK;
break;
default:
- ASSERT(0);
+ assert(0);
}
fd = socket(af, socktype, proto);
@@ -884,7 +884,7 @@ int read_all_buf(int fd, void *buf, size_t len)
while (left) {
ssize_t rc;
- ASSERT(left <= len);
+ assert(left <= len);
do
rc = read(fd, p, left);
@@ -924,7 +924,7 @@ int read_remainder(int fd, const struct iovec *iov, size_t cnt, size_t skip)
ssize_t rc;
if (offset) {
- ASSERT(offset < iov[i].iov_len);
+ assert(offset < iov[i].iov_len);
/* Read the remainder of the partially read buffer */
if (read_all_buf(fd, (char *)iov[i].iov_base + offset,
iov[i].iov_len - offset) < 0)
diff --git a/util.h b/util.h
index 4cbb5da3..dcb79afe 100644
--- a/util.h
+++ b/util.h
@@ -73,10 +73,14 @@ void abort_with_msg(const char *fmt, ...)
* Therefore, avoid using the usual do while wrapper we use to force the macro
* to act like a single statement requiring a ';'.
*/
-#define ASSERT_WITH_MSG(expr, ...) \
+#define assert_with_msg(expr, ...) \
((expr) ? (void)0 : abort_with_msg(__VA_ARGS__))
-#define ASSERT(expr) \
- ASSERT_WITH_MSG((expr), "ASSERTION FAILED in %s (%s:%d): %s", \
+/* The standard library assert() hits our seccomp filter and dies before it can
+ * actually print a message. So, replace it with our own version.
+ */
+#undef assert
+#define assert(expr) \
+ assert_with_msg((expr), "ASSERTION FAILED in %s (%s:%d): %s", \
__func__, __FILE__, __LINE__, STRINGIFY(expr))
#ifdef P_tmpdir
diff --git a/vhost_user.c b/vhost_user.c
index 9fe12411..75665ec6 100644
--- a/vhost_user.c
+++ b/vhost_user.c
@@ -216,9 +216,9 @@ static int vu_message_read_default(int conn_fd, struct vhost_user_msg *vmsg)
cmsg->cmsg_type == SCM_RIGHTS) {
size_t fd_size;
- ASSERT(cmsg->cmsg_len >= CMSG_LEN(0));
+ assert(cmsg->cmsg_len >= CMSG_LEN(0));
fd_size = cmsg->cmsg_len - CMSG_LEN(0);
- ASSERT(fd_size <= sizeof(vmsg->fds));
+ assert(fd_size <= sizeof(vmsg->fds));
vmsg->fd_num = fd_size / sizeof(int);
memcpy(vmsg->fds, CMSG_DATA(cmsg), fd_size);
break;
@@ -272,7 +272,7 @@ static void vu_message_write(int conn_fd, struct vhost_user_msg *vmsg)
};
int rc;
- ASSERT(vmsg->fd_num <= VHOST_MEMORY_BASELINE_NREGIONS);
+ assert(vmsg->fd_num <= VHOST_MEMORY_BASELINE_NREGIONS);
if (vmsg->fd_num > 0) {
size_t fdsize = vmsg->fd_num * sizeof(int);
struct cmsghdr *cmsg;
@@ -483,7 +483,7 @@ static bool vu_set_mem_table_exec(struct vu_dev *vdev,
}
}
- ASSERT(vdev->memory.nregions < VHOST_USER_MAX_RAM_SLOTS);
+ assert(vdev->memory.nregions < VHOST_USER_MAX_RAM_SLOTS);
return false;
}
diff --git a/virtio.c b/virtio.c
index 447137ee..47b6cc2a 100644
--- a/virtio.c
+++ b/virtio.c
@@ -402,8 +402,8 @@ static bool virtqueue_map_desc(const struct vu_dev *dev,
{
unsigned int num_sg = *p_num_sg;
- ASSERT(num_sg < max_num_sg);
- ASSERT(sz);
+ assert(num_sg < max_num_sg);
+ assert(sz);
while (sz) {
uint64_t len = sz;
diff --git a/vu_common.c b/vu_common.c
index 5f2ce18e..75ad43d3 100644
--- a/vu_common.c
+++ b/vu_common.c
@@ -43,7 +43,7 @@ int vu_packet_check_range(struct vdev_memory *memory,
/* NOLINTNEXTLINE(performance-no-int-to-ptr) */
const char *base = (const char *)base_addr;
- ASSERT(base_addr >= dev_region[i].mmap_addr);
+ assert(base_addr >= dev_region[i].mmap_addr);
if (len <= dev_region[i].size && base <= ptr &&
(size_t)(ptr - base) <= dev_region[i].size - len)
@@ -167,7 +167,7 @@ static void vu_handle_tx(struct vu_dev *vdev, int index,
int out_sg_count;
int count;
- ASSERT(VHOST_USER_IS_QUEUE_TX(index));
+ assert(VHOST_USER_IS_QUEUE_TX(index));
tap_flush_pools();
--
2.53.0
next prev parent reply other threads:[~2026-03-16 5:46 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-16 5:46 [PATCH 0/5] RFC: Stub dynamic update implementation David Gibson
2026-03-16 5:46 ` [PATCH 1/5] Makefile: Use $^ to avoid duplication in static checker rules David Gibson
2026-03-16 5:46 ` [PATCH 2/5] doc: Fix formatting of (DEPRECATED) notes in man page David Gibson
2026-03-16 5:46 ` [PATCH 3/5] pif: Remove unused PIF_NAMELEN David Gibson
2026-03-16 5:46 ` David Gibson [this message]
2026-03-17 0:02 ` [PATCH 4/5] treewide: Spell ASSERT() as assert() Stefano Brivio
2026-03-17 0:39 ` David Gibson
2026-03-17 9:36 ` Stefano Brivio
2026-03-16 5:46 ` [PATCH 5/5] pesto: Introduce stub configuration interface and tool David Gibson
2026-03-17 0:02 ` Stefano Brivio
2026-03-17 0:48 ` David Gibson
2026-03-17 9:36 ` Stefano Brivio
2026-03-17 0:02 ` [PATCH 0/5] RFC: Stub dynamic update implementation Stefano Brivio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260316054629.239002-5-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).