basic: Move assertion specific functions to assert-util.h

Various functions in log.h are only used by asserts, and there's
enough assertion related stuff in macro.h to justify a separate header
which also makes it easier to avoid circular dependencies.

Let's introduce assert-util.h and an accompanying fundamental header
and move all the assertion related stuff over there. PROJECT_FILE is
moved over to macro.h.

Author: DaanDeMeyer

src/basic/alloc-util.h

@@ -7,6 +7,7 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "assert-util.h"
 #include "macro.h"
 
 #if HAS_FEATURE_MEMORY_SANITIZER

src/basic/argv-util.h

@@ -3,6 +3,7 @@
 
 #include <stdbool.h>
 
+#include "assert-util.h"
 #include "macro.h"
 
 extern int saved_argc;

src/basic/assert-util.c

@@ -0,0 +1,65 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <stdio.h>
+
+#include "assert-util.h"
+#include "errno-util.h"
+#include "log.h"
+
+static bool assert_return_is_critical = BUILD_MODE_DEVELOPER;
+
+/* Akin to glibc's __abort_msg; which is private and we hence cannot
+ * use here. */
+static char *log_abort_msg = NULL;
+
+void log_set_assert_return_is_critical(bool b) {
+        assert_return_is_critical = b;
+}
+
+bool log_get_assert_return_is_critical(void) {
+        return assert_return_is_critical;
+}
+
+static void log_assert(
+        int level,
+        const char *text,
+        const char *file,
+        int line,
+        const char *func,
+        const char *format) {
+
+        static char buffer[LINE_MAX];
+
+        if (_likely_(LOG_PRI(level) > log_get_max_level()))
+                return;
+
+        DISABLE_WARNING_FORMAT_NONLITERAL;
+        (void) snprintf(buffer, sizeof buffer, format, text, file, line, func);
+        REENABLE_WARNING;
+
+        log_abort_msg = buffer;
+
+        log_dispatch_internal(level, 0, file, line, func, NULL, NULL, NULL, NULL, buffer);
+}
+
+_noreturn_ void log_assert_failed(const char *text, const char *file, int line, const char *func) {
+        log_assert(LOG_CRIT, text, file, line, func,
+                   "Assertion '%s' failed at %s:%u, function %s(). Aborting.");
+        abort();
+}
+
+_noreturn_ void log_assert_failed_unreachable(const char *file, int line, const char *func) {
+        log_assert(LOG_CRIT, "Code should not be reached", file, line, func,
+                   "%s at %s:%u, function %s(). Aborting. 💥");
+        abort();
+}
+
+void log_assert_failed_return(const char *text, const char *file, int line, const char *func) {
+
+        if (assert_return_is_critical)
+                log_assert_failed(text, file, line, func);
+
+        PROTECT_ERRNO;
+        log_assert(LOG_DEBUG, text, file, line, func,
+                   "Assertion '%s' failed at %s:%u, function %s(), ignoring.");
+}

src/basic/assert-util.h

@@ -0,0 +1,84 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include "assert-fundamental.h"
+#include "macro.h"
+
+/* Logging for various assertions */
+
+void log_set_assert_return_is_critical(bool b);
+bool log_get_assert_return_is_critical(void) _pure_;
+
+_noreturn_ void log_assert_failed(const char *text, const char *file, int line, const char *func);
+_noreturn_ void log_assert_failed_unreachable(const char *file, int line, const char *func);
+void log_assert_failed_return(const char *text, const char *file, int line, const char *func);
+
+#ifdef __COVERITY__
+
+/* Use special definitions of assertion macros in order to prevent
+ * false positives of ASSERT_SIDE_EFFECT on Coverity static analyzer
+ * for uses of assert_se() and assert_return().
+ *
+ * These definitions make expression go through a (trivial) function
+ * call to ensure they are not discarded. Also use ! or !! to ensure
+ * the boolean expressions are seen as such.
+ *
+ * This technique has been described and recommended in:
+ * https://community.synopsys.com/s/question/0D534000046Yuzb/suppressing-assertsideeffect-for-functions-that-allow-for-sideeffects
+ */
+
+extern void __coverity_panic__(void);
+
+static inline void __coverity_check__(int condition) {
+        if (!condition)
+                __coverity_panic__();
+}
+
+static inline int __coverity_check_and_return__(int condition) {
+        return condition;
+}
+
+#define assert_message_se(expr, message) __coverity_check__(!!(expr))
+
+#define assert_log(expr, message) __coverity_check_and_return__(!!(expr))
+
+#else  /* ! __COVERITY__ */
+
+#define assert_message_se(expr, message)                                \
+        do {                                                            \
+                if (_unlikely_(!(expr)))                                \
+                        log_assert_failed(message, PROJECT_FILE, __LINE__, __func__); \
+        } while (false)
+
+#define assert_log(expr, message) ((_likely_(expr))                     \
+        ? (true)                                                        \
+        : (log_assert_failed_return(message, PROJECT_FILE, __LINE__, __func__), false))
+
+#endif  /* __COVERITY__ */
+
+#define assert_se(expr) assert_message_se(expr, #expr)
+
+/* We override the glibc assert() here. */
+#undef assert
+#ifdef NDEBUG
+#define assert(expr) ({ if (!(expr)) __builtin_unreachable(); })
+#else
+#define assert(expr) assert_message_se(expr, #expr)
+#endif
+
+#define assert_not_reached()                                            \
+        log_assert_failed_unreachable(PROJECT_FILE, __LINE__, __func__)
+
+#define assert_return(expr, r)                                          \
+        do {                                                            \
+                if (!assert_log(expr, #expr))                           \
+                        return (r);                                     \
+        } while (false)
+
+#define assert_return_errno(expr, r, err)                               \
+        do {                                                            \
+                if (!assert_log(expr, #expr)) {                         \
+                        errno = err;                                    \
+                        return (r);                                     \
+                }                                                       \
+        } while (false)

src/basic/dlfcn-util.h

@@ -3,6 +3,7 @@
 
 #include <dlfcn.h>
 
+#include "assert-util.h"
 #include "macro.h"
 
 static inline void* safe_dlclose(void *dl) {

src/basic/errno-util.h

@@ -5,6 +5,7 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "assert-util.h"
 #include "macro.h"
 
 /* strerror(3) says that glibc uses a maximum length of 1024 bytes. */

src/basic/log.c

@@ -78,11 +78,6 @@ static bool upgrade_syslog_to_journal = false;
 static bool always_reopen_console = false;
 static bool open_when_needed = false;
 static bool prohibit_ipc = false;
-static bool assert_return_is_critical = BUILD_MODE_DEVELOPER;
-
-/* Akin to glibc's __abort_msg; which is private and we hence cannot
- * use here. */
-static char *log_abort_msg = NULL;
 
 static thread_local const char *log_prefix = NULL;
 
@@ -950,61 +945,6 @@ int log_object_internal(
         return r;
 }
 
-static void log_assert(
-                int level,
-                const char *text,
-                const char *file,
-                int line,
-                const char *func,
-                const char *format) {
-
-        static char buffer[LINE_MAX];
-
-        if (_likely_(LOG_PRI(level) > log_max_level))
-                return;
-
-        DISABLE_WARNING_FORMAT_NONLITERAL;
-        (void) snprintf(buffer, sizeof buffer, format, text, file, line, func);
-        REENABLE_WARNING;
-
-        log_abort_msg = buffer;
-
-        log_dispatch_internal(level, 0, file, line, func, NULL, NULL, NULL, NULL, buffer);
-}
-
-_noreturn_ void log_assert_failed(
-                const char *text,
-                const char *file,
-                int line,
-                const char *func) {
-        log_assert(LOG_CRIT, text, file, line, func,
-                   "Assertion '%s' failed at %s:%u, function %s(). Aborting.");
-        abort();
-}
-
-_noreturn_ void log_assert_failed_unreachable(
-                const char *file,
-                int line,
-                const char *func) {
-        log_assert(LOG_CRIT, "Code should not be reached", file, line, func,
-                   "%s at %s:%u, function %s(). Aborting. 💥");
-        abort();
-}
-
-void log_assert_failed_return(
-                const char *text,
-                const char *file,
-                int line,
-                const char *func) {
-
-        if (assert_return_is_critical)
-                log_assert_failed(text, file, line, func);
-
-        PROTECT_ERRNO;
-        log_assert(LOG_DEBUG, text, file, line, func,
-                   "Assertion '%s' failed at %s:%u, function %s(), ignoring.");
-}
-
 int log_oom_internal(int level, const char *file, int line, const char *func) {
         return log_internal(level, ENOMEM, file, line, func, "Out of memory.");
 }
@@ -1318,14 +1258,6 @@ static int log_set_ratelimit_kmsg_from_string(const char *e) {
         return 0;
 }
 
-void log_set_assert_return_is_critical(bool b) {
-        assert_return_is_critical = b;
-}
-
-bool log_get_assert_return_is_critical(void) {
-        return assert_return_is_critical;
-}
-
 static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
 
         /*

src/basic/log.h

@@ -79,9 +79,6 @@ int log_show_tid_from_string(const char *e);
  * environment should not be called from library code — this is always a job
  * for the application itself. */
 
-assert_cc(STRLEN(__FILE__) > STRLEN(RELATIVE_SOURCE_PATH) + 1);
-#define PROJECT_FILE (&__FILE__[STRLEN(RELATIVE_SOURCE_PATH) + 1])
-
 bool stderr_is_journal(void);
 int log_open(void);
 void log_close(void);
@@ -185,24 +182,6 @@ int log_dump_internal(
                 const char *func,
                 char *buffer);
 
-/* Logging for various assertions */
-_noreturn_ void log_assert_failed(
-                const char *text,
-                const char *file,
-                int line,
-                const char *func);
-
-_noreturn_ void log_assert_failed_unreachable(
-                const char *file,
-                int line,
-                const char *func);
-
-void log_assert_failed_return(
-                const char *text,
-                const char *file,
-                int line,
-                const char *func);
-
 #define log_dispatch(level, error, buffer)                              \
         log_dispatch_internal(level, error, PROJECT_FILE, __LINE__, __func__, NULL, NULL, NULL, NULL, buffer)
 
@@ -336,9 +315,6 @@ void log_set_open_when_needed(bool b);
  * stderr, the console or kmsg */
 void log_set_prohibit_ipc(bool b);
 
-void log_set_assert_return_is_critical(bool b);
-bool log_get_assert_return_is_critical(void) _pure_;
-
 int log_dup_console(void);
 
 int log_syntax_internal(