tech-toolchain archive


Re: Make __CTASSERT1 true static assert

On 19.09.2019 15:54, Martin Husemann wrote:
> On Thu, Sep 19, 2019 at 03:42:35PM +0200, Kamil Rytarowski wrote:
>> Our _CTASSERT is broken as it is not a constant-time expression. We define
>> a VLA whose size can be -1 at runtime and trigger UB. Worse than UB is
>> that it does not validate whether the expression is valid.
> Well, it is not broken for all supported use cases and there is no
> runtime. So I still must be missing something here.

__CTASSERT is a runtime VLA (at least in a number of cases).

Another example of the same thing is here:

int main(int argc, char **argv) { volatile int v[-argc]; return 0; }

This code will build and run (on amd64, aarch64, ..).

>>>> #include <sys/cdefs.h>
>>>> int main(int argc, char **argv) { __CTASSERT(argc < 0); return 0; }
>>> I think this is an abuse of __CTASSERT and should not be supported.
>> My patch proposal fixes this.
> I meant we should just fix the abuses and be done.

Fixing abuse is not a complete fix, as __CTASSERT is a dummy today.

> Martin

Attachment: signature.asc
Description: OpenPGP digital signature
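
An added illustration of the behaviour discussed in this message (not code from the thread, the proposed patch, or NetBSD's <sys/cdefs.h>): the macros ARRAY_CTASSERT and STATIC_CTASSERT and all function names are hypothetical, and the array-typedef macro is an assumed, simplified form of the idiom. It shows that a non-constant condition turns the typedef into a VLA whose size is computed at run time, while C11 _Static_assert only accepts an integer constant expression.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed, simplified array-typedef assertion (hypothetical name). */
#define ARRAY_CTASSERT(cond) \
    typedef char array_ctassert_t[(cond) ? 1 : -1] __attribute__((unused))

/* C11 form: the operand must be an integer constant expression. */
#define STATIC_CTASSERT(cond) _Static_assert((cond), #cond)

/*
 * Same typedef shape, but with sizes 1 and 2 so both outcomes are defined
 * behaviour. Because n is not constant, probe_t is a VLA type and sizeof
 * is evaluated at run time: the "assertion" is decided while running.
 */
size_t vla_typedef_size(int n)
{
    typedef char probe_t[(n < 0) ? 1 : 2];
    return sizeof(probe_t);
}

/* The array form compiles with a run-time condition; nothing is checked. */
int accepts_runtime_condition(int n)
{
    if (n <= 0)
        return -1;              /* never reach the typedef with size -1 */
    ARRAY_CTASSERT(n > 0);      /* silently accepted: becomes a VLA typedef */
    /* STATIC_CTASSERT(n > 0);     rejected by the compiler: not constant */
    return 1;
}

/* With a genuine constant expression both forms behave the same. */
int accepts_constant_condition(void)
{
    ARRAY_CTASSERT(sizeof(int) >= 2);
    STATIC_CTASSERT(sizeof(int) >= 2);
    return 1;
}

int main(void)
{
    printf("sizeof(probe_t), n=-1: %zu\n", vla_typedef_size(-1));
    printf("sizeof(probe_t), n=5:  %zu\n", vla_typedef_size(5));
    printf("run-time condition accepted: %d\n", accepts_runtime_condition(3));
    return 0;
}
```

Building with the compiler's VLA warning enabled (-Wvla in GCC and Clang) flags the places where the array form has silently become a run-time VLA.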
