
List:       gcc
Subject:    Re: Compile time assertions for gcc
From:       Fergus Henderson <fjh () cs ! mu ! oz ! au>
Date:       2001-04-30 18:40:52

On 30-Apr-2001, David Howells <dhowells@cambridge.redhat.com> wrote:
> Andi Kleen <ak@suse.de> wrote:
> > I've not completely gone through it, but your patch looks like you didn't
> > turn off side effects for the argument expression.
> 
> I had one of the gcc engineers who work for Redhat/Cygnus (Andrey Haley) look
> at it, and he said I should make sure it _did_ emit code in certain cases
> (something to do with the possibility of having a volatile argument).
> 
> > Without it the assert wouldn't be a true nop.
> 
> After much wrangling here, it was decided that it should be written such that
> it should return (condition_argument!=0).
> 
> This would allow you to change the assert macro from something like:
> 
> 	#define assert(X) if(X) ...
> 
> to something like:
> 
> 	#define assert(X) if(__builtin_ct_assertion(X,#X)) ...

If __builtin_ct_assertion() didn't evaluate its argument,
it would still be possible to define assert() to use it:

 	#define assert(X) (__builtin_ct_assertion((X),#X), ((X) ? ... : ...))

However, regardless of whether __builtin_ct_assertion() evaluates its
argument or not, you should not define assert() using __builtin_ct_assertion().
The assert() macro acts at runtime, not at compile time, and changing that
would break existing code.  For example, I've seen quite a bit of code that
uses `assert(0)':

	switch(x) {
		case 1:
			... handle case 1 ...
			break;
		case 2:
			... handle case 2 ...
			break;
		case 3:
			... handle case 3 ...
			break;
		default:
			/* this case should never occur */
			assert(0);
	}

If the definition of assert() was changed to use __builtin_ct_assertion,
this code would fail to compile, even though the code is fine, and the
failing assertion may never be reached at runtime.

You could define a macro with a different name that was implemented
using __builtin_ct_assertion() as shown above.  But you should not
call it `assert'.

-- 
Fergus Henderson <fjh@cs.mu.oz.au>  |  "I have always known that the pursuit
                                    |  of excellence is a lethal habit"
WWW: <http://www.cs.mu.oz.au/~fjh>  |     -- the last words of T. S. Garp.
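
The distinction drawn in this message, as an added example that is not part of the original e-mail: a compile-time check under its own name beside a runtime `assert(0)` on a path that should never execute. C11 `_Static_assert` stands in for the proposed `__builtin_ct_assertion()`; `CT_ASSERT`, `struct msg_hdr`, the opcode table and `payload_limit` are hypothetical names constructed for illustration.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical name; C11 _Static_assert stands in for the proposed builtin. */
#define CT_ASSERT(cond) _Static_assert(cond, #cond)

/* Constructed wire header and opcode table, for illustration only. */
struct msg_hdr {
    uint8_t  opcode;
    uint8_t  flags;
    uint16_t length;
};

enum { OP_PING = 1, OP_READ = 2, OP_WRITE = 3, OP_COUNT = 4 };
static const char *const op_names[] = { "invalid", "ping", "read", "write" };

/* Compile time: constant conditions only; a false one stops the build. */
CT_ASSERT(sizeof(struct msg_hdr) == 4);
CT_ASSERT(offsetof(struct msg_hdr, length) == 2);
CT_ASSERT(sizeof(op_names) / sizeof(op_names[0]) == OP_COUNT);

/* Run time: assert(0) marks a path that should never execute. It has to
 * compile, and it fires only if the default case is actually reached. */
size_t payload_limit(const struct msg_hdr *h)
{
    switch (h->opcode) {
    case OP_PING:
        return 0;
    case OP_READ:
        return 8;
    case OP_WRITE:
        return 512;
    default:
        assert(0);   /* CT_ASSERT(0) here would reject the whole file */
        return 0;    /* fail closed when NDEBUG compiles the assert out */
    }
}

int main(void)
{
    struct msg_hdr h = { OP_WRITE, 0, 0 };   /* constructed sample header */
    printf("%s -> limit %zu\n", op_names[h.opcode], payload_limit(&h));
    return 0;
}
```

Changing any of the three `CT_ASSERT` conditions to a false constant makes the build fail, whereas the `assert(0)` in `default:` compiles and only aborts if an unknown opcode reaches it.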
