[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAPWQB7EGJsU3pP68S6+dLWi6NJhwb_ZyTVGgjX02yZRZm9J=FQ@mail.gmail.com>
Date: Fri, 25 Aug 2017 13:54:07 -0700
From: Joe Stringer <joe@....org>
To: Michal Nazarewicz <mina86@...a86.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
Ian Abbott <abbotti@....co.uk>, Arnd Bergmann <arnd@...db.de>,
Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH net-next] compiler: Document behavior compiling with -O0
On 25 August 2017 at 04:45, Michal Nazarewicz <mina86@...a86.com> wrote:
> On Thu, Aug 24 2017, Joe Stringer wrote:
>> Recent changes[0] to make use of __compiletime_assert() from container_of()
>> increased the scope of this macro, resulting in a wider set of
>> situations where developers cannot compile their code using "-O0". I
>> noticed this when making use of the macro in my own development, and
>> spent more time than I'd like to admit tracking the problem down. This
>> patch documents the behavior in lieu of a compile-time assertion
>> implementation that does not rely on optimizations.
>>
>> Example compilation failure:
>>
>> ./include/linux/compiler.h:547:38: error: call to ‘__compiletime_assert_94’ declared with attribute error: pointer type mismatch in container_of()
>> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
>> ^
>> ./include/linux/compiler.h:530:4: note: in definition of macro ‘__compiletime_assert’
>> prefix ## suffix(); \
>> ^~~~~~
>> ./include/linux/compiler.h:547:2: note: in expansion of macro ‘_compiletime_assert’
>> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
>> ^~~~~~~~~~~~~~~~~~~
>> ./include/linux/build_bug.h:46:37: note: in expansion of macro ‘compiletime_assert’
>> #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
>> ^~~~~~~~~~~~~~~~~~
>> ./include/linux/kernel.h:860:2: note: in expansion of macro ‘BUILD_BUG_ON_MSG’
>> BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
>> ^~~~~~~~~~~~~~~~
>>
>> [0] http://lkml.kernel.org/r/20170525120316.24473-7-abbotti@mev.co.uk
>>
>> Signed-off-by: Joe Stringer <joe@....org>
>> ---
>> include/linux/compiler.h | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/include/linux/compiler.h b/include/linux/compiler.h
>> index eca8ad75e28b..bb640167fdac 100644
>> --- a/include/linux/compiler.h
>> +++ b/include/linux/compiler.h
>> @@ -517,6 +517,11 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
>> # define __compiletime_error_fallback(condition) do { } while (0)
>> #endif
>>
>> +/*
>> + * __compiletime_assert() relies on compiler optimizations to remove the check
>> + * against '__cond' if 'condition' is false. As a result, compiling with -O0
>> + * will cause compilation errors here regardless of the value of 'condition'.
>> + */
>> #define __compiletime_assert(condition, msg, prefix, suffix) \
>> do { \
>> bool __cond = !(condition); \
>
> Could __builtin_choose_expr help here? Something like:
>
> #define __compiletime_assert(condition, msg, prefix, suffix) \
> do { \
> bool __cond = !(condition); \
> extern int prefix ## suffix(void) __compiletime_error(msg); \
> __builting_choose_expr(cond, prefix ## suffix(), 0); \
> __compiletime_error_fallback(__cond); \
> } while (0)
>
> Or better still, _Static_assert?
I tried both of the above, and they both complain that "condition"
isn't a constant.
Powered by blists - more mailing lists