[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [XEN PATCH] xen/include/xen/lib.h: avoid undefined behavior.


  • To: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Thu, 15 Jun 2023 11:37:43 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=csWPI2a8l2nrLLK3Guftw/MEB5zQkVpYlI4F+L8ePQ0=; b=Il4hXSM+Fn3cV7S1rhJzr49rbmw1lnwzr/W7f2I7pENKPE1fo3JnLTfPsrh5A5uiVuPiPWPq3mZAj1tgzml8ASdLPrh7XlWWHPlqJdOc5oNd8eDbBv5wKyLAZ7tTzE2UrwaQeeG76OVzg1aXn2qu4EkE6LljLGYLdTkywJW8tUF/1+o7qbwogXO11sZpo2z6LGpGharn0oxvLbMi3u0XIbmb0FB11m1Q9LKsGD/S3k122oS6BKEtZQRazzHHGK7Q5d2AqqeuipyQgU3XwD0NTA06DXF7msl16t2Rbf1CcEKHoZxenPKpFuDxk6WH3uBTxgOMHpnYo48Tr/rydj8a1A==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=g6PVIVFy5huHUuqv8zsqmyzNd0zVpJwkAgFkECySoFCqBjUwvzJkdwIhcTgPaQa1uD/E85xfjgXgwYv3G6PQXxOK+18CeS9puJH0xntwVo3eLV0LbHKD+qZCttPr/LKgDzrd3HBPSmpZ738XpPUBlWNo8ga0AuiSsduWiugQMfd7CbSk8zG695S4HMXM31xhyyvJlnFVGTTNyLeicJCLGH5mkhI/AaT9NMZp8WTDJWkMz+0PYYOecmoVUBY+isYj+nyVC3D1qJF0DP/6IrRP8e3H1z8l/18tbBR+m+vZikjwbMXyg58eV+hauq7oImgmw235RIOwIB4Q/9DItMLQMA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: consulting@xxxxxxxxxxx, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Thu, 15 Jun 2023 10:38:17 +0000
  • Ironport-data: A9a23:F2k6GahuOJUUdLH+V0jyFDk2X1614REKZh0ujC45NGQN5FlHY01je htvUDuFOvneZDb1etB/Pdzg/R5X6pLdyNFqTgA++HszRHkb9cadCdqndUqhZCn6wu8v7q5Ex 55HNoSfdpBcolv0/ErF3m3J9CEkvU2wbuOgTrWCYmYpHlUMpB4J0XpLg/Q+jpNjne+3CgaMv cKai8DEMRqu1iUc3lg8sspvkzsx+qyq0N8klgZmP6sT4gaDzyB94K83fsldEVOpGuG4IcbiL wrz5OnR1n/U+R4rFuSknt7TGqHdauePVeQmoiM+t5mK2nCulARrukoIHKN0hXNsoyeIh7hMJ OBl7vRcf+uL0prkw4zxWzEAe8130DYvFLXveRBTuuTLp6HKnueFL1yDwyjaMKVBktubD12i+ tQZGhUkP0jTp9mRnoihTfVTq+t7MOn0adZ3VnFIlVk1DN4AaLWaGuDhwoYd2z09wMdTAfzZe swVLyJ1awjNaAFOPVFRD48imOCvhT/0dDgwRFC9/PJrpTSMilEvluGybLI5efTTLSlRtm+eq njL4CLSBRYCOcbE4TGE7mitlqnEmiaTtIc6TeTjracy2w3CroAVIB4wXnme+vyUs3KzcYhvD 1dJ1ywC9ZFnoSRHSfG4BXVUukWsuB8XXN5ZVfM39BuMzKv86RuWHWUCQXhKb9lOnN87Q3km2 0GEm/vtBCdzq/uFRHSF7LCWoDiufy8PIgcqbigCVhYB/9jlr6k5kx3UQ9BsVqWyi7XdGzv93 jSLpygWnKgIgIgA0KDT1VLahzOhoLDZQwhz4R/YNkq+9R9wboOhY42u6HDY4OxGIYLfSUOO1 FAbn+CO4eZICouC/BFhW80IFbCtov2CaTvVhAc2G4F7rmvxvXm+YYpX/TdyYl9zNdoJciPoZ 0mVvh5N4JhUPz2haqofj5+NNvnGBJPITbzNPs04pPIXCnStXGdrJB1TWHM=
  • Ironport-hdrordr: A9a23:jU3H1655awN1jxLg6QPXwdWCI+orL9Y04lQ7vn2ZFiY5TiXIra qTdaogviMc6Ax/ZJjvo6H4BEDyewK6yXcT2/htAV7CZnidhILMFu1fBOTZsl7d8kHFh4tgPO JbAtND4b7LfCZHZKTBgDVQeuxIqLfnzEnrv5an854Ed3AUV0gK1XYcNu/0KDwReOALP+taKH LKjfA32wZINE5nJvhSQRI+Lpr+juyOsKijTQ8NBhYh5gXLpTS06ITiGxzd8gYCXyhJybIC93 GAtwDi/K2sv9yy1xeZjgbonthrseqk7uEGKN2Hi8ATJDmpogG0ZL55U7nHkCEprPqp4FMKls CJhxs7Jcx8517YY2nwixrw3AvL1ioo9hbZuBKlqEqmhfa8aCMxCsJHi44cWhzF63A4tNU59K 5QxWqWu7deEBuFxU3GlpL1fiAvsnDxjWspkOYVgXAaeYwCaIVJpYha2E9OCp8PEA/z9YhiOu hzC8P34upQbDqhHjvkl1gq5ObpcmU4Hx+ATERHksuJ0wJOlHQ89EcczNx3pAZ2yLsND71/o8 jUOKVhk79DCuUMa7hmOesHScyrTkTQXBPlKgupUBTaPZBCH0iIh4/84b0z6u3vUocP1oEOlJ PIV04dnXIuenjpFdaF0PRwg1HwqV2GLHbQI/xllt1EUuWWfsuuDcTDciFhryKYmYRdPiWBMM zDf66/AJfYXB/T8MhyrkvDsqJpWAojuf0uy6cGsm2107L2w63Rx5rmmaXoVfPQOAdhfF/DKV 0+exW2DPl8zymQKwrFaV7qKjzQRnA=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 15/06/2023 11:30 am, Nicola Vetrini wrote:
> Redefine BUILD_BUG_ON_ZERO to fully comply with C99 avoiding
> undefined behavior 58 ("A structure or union is defined as
> containing no named members (6.7.2.1)."
> This also avoids a dependency on the compiler and its version.
>
> Signed-off-by: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
> ---
>  xen/include/xen/lib.h | 16 +---------------
>  1 file changed, 1 insertion(+), 15 deletions(-)
>
> diff --git a/xen/include/xen/lib.h b/xen/include/xen/lib.h
> index 67fc7c1d7e..a266159b9f 100644
> --- a/xen/include/xen/lib.h
> +++ b/xen/include/xen/lib.h
> @@ -40,22 +40,8 @@
>      unlikely(ret_warn_on_);             \
>  })
>  
> -/* All clang versions supported by Xen have _Static_assert. */
> -#if defined(__clang__) || \
> -    (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 6))
> -/* Force a compilation error if condition is true */
> -#define BUILD_BUG_ON(cond) ({ _Static_assert(!(cond), "!(" #cond ")"); })
> -
> -/* Force a compilation error if condition is true, but also produce a
> -   result (of value 0 and type size_t), so the expression can be used
> -   e.g. in a structure initializer (or where-ever else comma expressions
> -   aren't permitted). */
> -#define BUILD_BUG_ON_ZERO(cond) \
> -    sizeof(struct { _Static_assert(!(cond), "!(" #cond ")"); })
> -#else
> -#define BUILD_BUG_ON_ZERO(cond) sizeof(struct { int:-!!(cond); })
> +#define BUILD_BUG_ON_ZERO(cond) (sizeof(char[(cond)? -1 : 1]) - 1U)
>  #define BUILD_BUG_ON(cond) ((void)BUILD_BUG_ON_ZERO(cond))
> -#endif

Getting rid of memberless structs is fine.  Getting rid of
_Static_assert() is absolutely not, because this change massively
obfuscates build time error messages.

The MISRA work can do whatever is necessary to get _Static_assert()
permitted for use globally across Xen.

~Andrew



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.