verify.h: don't accept non-constant expressions
From: Jim Meyering
Subject: verify.h: don't accept non-constant expressions
Date: Mon, 05 Sep 2005 19:07:18 +0200
I realized that verify and verify_expr would mistakenly accept an
invalid (non-constant) expression when compiled with gcc and when
the offending expression is within a function.
For example, without the change below, the following erroneous usage
would go undetected (i.e., would be successfully compiled) by gcc:
#include "verify.h"
static void foo (int n) { verify (n); }
With the fixed macros, gcc gives a compile-time diagnostic,
as we would expect:
$ gcc -c verify-test.c
verify-test.c: In function 'foo':
verify-test.c:2: error: size of array 'verify_error_if_non_const__' is negative
I've applied this patch:
2005-09-05 Jim Meyering <address@hidden>
* verify.h (__builtin_constant_p) [__GNUC__ <= 2]: Define to 1.
(verify_type__) [verify_error_if_non_const__]: New member/test,
to help detect when verify or verify_expr is mistakenly passed
a non-constant argument within a function.
Index: lib/verify.h
===================================================================
RCS file: /fetish/cu/lib/verify.h,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -p -u -r1.5 -r1.6
--- lib/verify.h 11 Jul 2005 23:28:09 -0000 1.5
+++ lib/verify.h 5 Sep 2005 16:57:40 -0000 1.6
@@ -24,13 +24,23 @@
# define GL_CONCAT0(x, y) x##y
# define GL_CONCAT(x, y) GL_CONCAT0 (x, y)
+/* If gcc predates 3.0, then disable the check below to ensure
+ that verify_type__'s argument is a constant expression. */
+# if __GNUC__ <= 2
+# defined __builtin_constant_p(R) 1
+# endif
+
/* A type that is valid if and only if R is nonzero.
R should be an integer constant expression.
verify_type__ and verify_error_if_negative_size__ are symbols that
are private to this header file. */
# define verify_type__(R) \
- struct { int verify_error_if_negative_size__[(R) ? 1 : -1]; }
+ struct { \
+ /* Provoke a compile-time failure if R is a non-constant expression. */ \
+ int verify_error_if_non_const__[__builtin_constant_p (R) ? 1 : -1]; \
+ /* Provoke a compile-time failure if R is nonzero. */ \
+ int verify_error_if_negative_size__[(R) ? 1 : -1]; }
/* Verify requirement R at compile-time, as a declaration.
R should be an integer constant expression.
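Review bot: the new `# if __GNUC__ <= 2` block spells the directive `# defined __builtin_constant_p(R) 1` rather than `# define`, so every compiler that takes that branch (gcc 2.x, and any non-gcc compiler, where an undefined `__GNUC__` evaluates to 0 in `#if`) will reject the header with an invalid preprocessing directive instead of disabling the check; it should read `# define __builtin_constant_p(R) 1`. Separately, the comment on the second struct member says "Provoke a compile-time failure if R is nonzero", but the array size `(R) ? 1 : -1` only goes negative when R is zero, so the comment has the polarity backwards and should say "if R is zero".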