Commit a95096ba5f72db71422ffd9ea6630160387b97c0

Edward Thomson 2020-01-12T10:31:07

assert: optionally fall-back to assert(3) Fall back to the system assert(3) in debug builds, which may aide in debugging. "Safe" assertions can be enabled in debug builds by setting GIT_ASSERT_HARD=0. Similarly, hard assertions can be enabled in release builds by setting GIT_ASSERT_HARD to nonzero.

diff --git a/src/assert_safe.h b/src/assert_safe.h
new file mode 100644
index 0000000..9f2e164
--- /dev/null
+++ b/src/assert_safe.h
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+#ifndef INCLUDE_assert_safe_h__
+#define INCLUDE_assert_safe_h__
+
+/*
+ * In a debug build, we'll assert(3) for aide in debugging.  In release
+ * builds, we will provide macros that will set an error message that
+ * indicate a failure and return.  Note that memory leaks can occur in
+ * a release-mode assertion failure -- it is impractical to provide
+ * safe clean up routines in these very extreme failures, but care
+ * should be taken to not leak very large objects.
+ */
+
+#if (defined(_DEBUG) || defined(GIT_ASSERT_HARD)) && GIT_ASSERT_HARD != 0
+# include <assert.h>
+
+# define GIT_ASSERT(expr) assert(expr)
+# define GIT_ASSERT_ARG(expr) assert(expr)
+#else
+
+/**
+ * Assert that a consumer-provided argument is valid, setting an
+ * actionable error message and returning -1 if it is not.
+ */
+# define GIT_ASSERT_ARG(expr) do { \
+		if (!(expr)) { \
+			git_error_set(GIT_ERROR_INVALID, \
+				"invalid argument: '%s'", \
+				#expr); \
+			return -1; \
+		} \
+	} while(0)
+
+/* Internal consistency check to stop the function. */
+# define GIT_ASSERT(expr) do { \
+		if (!(expr)) { \
+			git_error_set(GIT_ERROR_INTERNAL, \
+				"unrecoverable internal error: '%s'", \
+				#expr); \
+			return -1; \
+		} \
+	} while(0)
+
+#endif /* GIT_ASSERT_HARD */
+
+#endif
diff --git a/src/common.h b/src/common.h
index 959dd57..2b1a4a4 100644
--- a/src/common.h
+++ b/src/common.h
@@ -80,6 +80,7 @@
 #include "errors.h"
 #include "thread-utils.h"
 #include "integer.h"
+#include "assert_safe.h"
 
 /*
  * Include the declarations for deprecated functions; this ensures
@@ -95,33 +96,6 @@
 #define NETIO_BUFSIZE DEFAULT_BUFSIZE
 
 /**
- * Assert that a consumer-provided argument is valid, setting an
- * actionable error message and returning -1 if it is not.
- *
- * Note that memory leaks can occur in a release-mode assertion
- * failure -- it is impractical to provide safe clean up routines in these very
- * extreme failures, but care should be taken to not leak very large objects.
- */
-#define GIT_ASSERT_ARG(expr) do { \
-		if (!(expr)) { \
-			git_error_set(GIT_ERROR_INVALID, \
-				"invalid argument: '%s'", \
-				#expr); \
-			return -1; \
-		} \
-	} while(0)
-
-/** Internal consistency check to stop the function. */
-#define GIT_ASSERT(expr) do { \
-		if (!(expr)) { \
-			git_error_set(GIT_ERROR_INTERNAL, \
-				"unrecoverable internal error: '%s'", \
-				#expr); \
-			return -1; \
-		} \
-	} while(0)
-
-/**
  * Check a pointer allocation result, returning -1 if it failed.
  */
 #define GIT_ERROR_CHECK_ALLOC(ptr) if (ptr == NULL) { return -1; }
diff --git a/tests/core/assert.c b/tests/core/assert.c
index 8fd7093..5260b26 100644
--- a/tests/core/assert.c
+++ b/tests/core/assert.c
@@ -1,3 +1,5 @@
+#define GIT_ASSERT_HARD 0
+
 #include "clar_libgit2.h"
 
 static const char *hello_world = "hello, world";