assert: optionally fall-back to assert(3)

Fall back to the system assert(3) in debug builds, which may aide
in debugging.

"Safe" assertions can be enabled in debug builds by setting
GIT_ASSERT_HARD=0.  Similarly, hard assertions can be enabled in
release builds by setting GIT_ASSERT_HARD to nonzero.

Author: ethomson

src/assert_safe.h

@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+#ifndef INCLUDE_assert_safe_h__
+#define INCLUDE_assert_safe_h__
+
+/*
+ * In a debug build, we'll assert(3) for aide in debugging.  In release
+ * builds, we will provide macros that will set an error message that
+ * indicate a failure and return.  Note that memory leaks can occur in
+ * a release-mode assertion failure -- it is impractical to provide
+ * safe clean up routines in these very extreme failures, but care
+ * should be taken to not leak very large objects.
+ */
+
+#if (defined(_DEBUG) || defined(GIT_ASSERT_HARD)) && GIT_ASSERT_HARD != 0
+# include <assert.h>
+
+# define GIT_ASSERT(expr) assert(expr)
+# define GIT_ASSERT_ARG(expr) assert(expr)
+#else
+
+/**
+ * Assert that a consumer-provided argument is valid, setting an
+ * actionable error message and returning -1 if it is not.
+ */
+# define GIT_ASSERT_ARG(expr) do { \
+		if (!(expr)) { \
+			git_error_set(GIT_ERROR_INVALID, \
+				"invalid argument: '%s'", \
+				#expr); \
+			return -1; \
+		} \
+	} while(0)
+
+/* Internal consistency check to stop the function. */
+# define GIT_ASSERT(expr) do { \
+		if (!(expr)) { \
+			git_error_set(GIT_ERROR_INTERNAL, \
+				"unrecoverable internal error: '%s'", \
+				#expr); \
+			return -1; \
+		} \
+	} while(0)
+
+#endif /* GIT_ASSERT_HARD */
+
+#endif

src/common.h

@@ -80,6 +80,7 @@
 #include "errors.h"
 #include "thread-utils.h"
 #include "integer.h"
+#include "assert_safe.h"
 
 /*
  * Include the declarations for deprecated functions; this ensures
@@ -94,33 +95,6 @@
 #define FILTERIO_BUFSIZE DEFAULT_BUFSIZE
 #define NETIO_BUFSIZE DEFAULT_BUFSIZE
 
-/**
- * Assert that a consumer-provided argument is valid, setting an
- * actionable error message and returning -1 if it is not.
- *
- * Note that memory leaks can occur in a release-mode assertion
- * failure -- it is impractical to provide safe clean up routines in these very
- * extreme failures, but care should be taken to not leak very large objects.
- */
-#define GIT_ASSERT_ARG(expr) do { \
-		if (!(expr)) { \
-			git_error_set(GIT_ERROR_INVALID, \
-				"invalid argument: '%s'", \
-				#expr); \
-			return -1; \
-		} \
-	} while(0)
-
-/** Internal consistency check to stop the function. */
-#define GIT_ASSERT(expr) do { \
-		if (!(expr)) { \
-			git_error_set(GIT_ERROR_INTERNAL, \
-				"unrecoverable internal error: '%s'", \
-				#expr); \
-			return -1; \
-		} \
-	} while(0)
-
 /**
  * Check a pointer allocation result, returning -1 if it failed.
  */

tests/core/assert.c

@@ -1,3 +1,5 @@
+#define GIT_ASSERT_HARD 0
+
 #include "clar_libgit2.h"
 
 static const char *hello_world = "hello, world";