benchmark: Replace assert with EXPECT

Author: vimpostor

src/bin/seccomp/seccomp_trap.c

@@ -114,8 +114,6 @@ int user_trap_syscalls(const int *nrs, size_t length, unsigned int flags) {
 	filter[i++] = (struct sock_filter) BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_PROCESS);
 
 	// now with the syscall nr still loaded, dynamically add checks for all syscall nrs we want to intercept
-	// Warning: If there are more nrs than MAX_FILTER_SIZE - 3, we may omit some system calls
-	// But this is still more sane than writing out of bounds
 	for (int j = 0; j < length; ++j) {
 		// jump if equal
 		filter[i].code = (unsigned short) BPF_JMP+BPF_JEQ+BPF_K;

tests/benchmark.c

@@ -1,6 +1,5 @@
 #define _GNU_SOURCE
 
-#include <assert.h>
 #include <fcntl.h>
 #include <linux/openat2.h>
 #include <math.h>
@@ -10,20 +9,22 @@
 #include <time.h>
 #include <unistd.h>
 
+#define EXPECT(cond) if (!(cond)) { fprintf(stderr, "Failed assert: %s\n", #cond); exit(EXIT_FAILURE); }
+
 void check_correct_fd(int fd) {
-	assert(fd >= 0);
+	EXPECT(fd >= 0);
 	static char c;
 
 	// we should be able to read from the file descriptor
 	ssize_t r = read(fd, &c, 1);
-	assert(r);
+	EXPECT(r);
 
 	// the read char should be either 'a' or 'b' or 'c', depending on whether system calls are intercepted and which file is read
-	assert((c == 'a') || (c == 'b') || (c == 'c'));
+	EXPECT((c == 'a') || (c == 'b') || (c == 'c'));
 
 	// close the descriptor again
 	int a = close(fd);
-	assert(!a);
+	EXPECT(!a);
 }
 
 int do_openat(const char *filename) {