On Tue, Oct 20, 2009 at 10:43 PM, Alan Jenkins
[off-list ref] wrote:

On 10/20/09, Am=C3=A9rico Wang [off-list ref] wrote:

quoted

On Tue, Oct 20, 2009 at 02:15:33PM +1030, Rusty Russell wrote:

quoted

BUILD_BUG_ON used to use the optimizer to do code elimination or fail
at link time; it was changed to first the size of a negative array (a
nicer compile time error), then (in
8c87df457cb58fe75b9b893007917cf8095660a0) to a bitfield.

bitfields: needs a literal constant at parse time, and can't be put unde=

r

quoted

quoted

=C2=A0 =C2=A0 =C2=A0"if (__builtin_constant_p(x))" for example.
negative array: can handle anything, but if the compiler can't tell it's
=C2=A0 =C2=A0 =C2=A0a constant, silently has no effect.
link time: breaks link if the compiler can't determine the value, but th=

e

quoted

quoted

=C2=A0 =C2=A0 =C2=A0linker output is not usually as informative as a co=

mpiler error.

quoted

quoted

If we use the negative-array-size method *and* the link time trick,
we get the ability to use BUILD_BUG_ON() under __builtin_constant_p()
branches, and maximal ability for the compiler to detect errors at
build time.

Signed-off-by: Rusty Russell <redacted>

diff --git a/include/linux/kernel.h b/include/linux/kernel.h
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h

@@ -683,12 +683,6 @@ struct sysinfo {

=C2=A0 =C2=A0 =C2=A0char _f[20-2*sizeof(long)-sizeof(int)]; /* Padding:=

 libc5 uses this.. */

quoted

quoted

};

-/* Force a compilation error if condition is true */
-#define BUILD_BUG_ON(condition) ((void)BUILD_BUG_ON_ZERO(condition))
-
-/* Force a compilation error if condition is constant and true */
-#define MAYBE_BUILD_BUG_ON(cond) ((void)sizeof(char[1 - 2 * !!(cond)]))
-
/* Force a compilation error if condition is true, but also produce a
=C2=A0 =C2=A0result (of value 0 and type size_t), so the expression can=

 be used

quoted

quoted

=C2=A0 =C2=A0e.g. in a structure initializer (or where-ever else comma =

expressions

quoted

quoted

@@ -696,6 +690,33 @@ struct sysinfo {

#define BUILD_BUG_ON_ZERO(e) (sizeof(struct { int:-!!(e); }))
#define BUILD_BUG_ON_NULL(e) ((void *)sizeof(struct { int:-!!(e); }))

+/**
+ * BUILD_BUG_ON - break compile if a condition is true.
+ * @cond: the condition which the compiler should know is false.
+ *
+ * If you have some code which relies on certain constants being equal,=

 or

quoted

quoted

+ * other compile-time-evaluated condition, you should use BUILD_BUG_ON =

to

quoted

quoted

+ * detect if someone changes it.
+ *
+ * The implementation uses gcc's reluctance to create a negative array,
but
+ * gcc (as of 4.4) only emits that error for obvious cases (eg. not
arguments
+ * to inline functions). =C2=A0So as a fallback we use the optimizer; i=

f it

quoted

quoted

can't
+ * prove the condition is false, it will cause a link error on the
undefined
+ * "__build_bug_on_failed". =C2=A0This error message can be harder to t=

rack

quoted

quoted

down
+ * though, hence the two different methods.
+ */
+#ifndef __OPTIMIZE__
+#define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2*!!(condition)]=

))

quoted

quoted

+#else
+extern int __build_bug_on_failed;

Hmm, what exactly is __build_bug_on_failed?

Well, we haven't added a definition for it in this patch. =C2=A0I'm sure
grep will tell you it wasn't defined before hand either. =C2=A0So any
reference to it is an error - which will be reported at link time.

quoted

quoted

+#define BUILD_BUG_ON(condition) =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=

=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0\

quoted

quoted

+ =C2=A0 =C2=A0 do { =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =

=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0\

quoted

quoted

+ =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ((void)sizeof(char[1 - 2*!!(=

condition)])); =C2=A0 =C2=A0 =C2=A0\

quoted

quoted

+ =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (condition) __build_bug_o=

n_failed =3D 1; =C2=A0 =C2=A0 =C2=A0 \

If "condition" is known false at compile time, gcc -O will eliminate
the code which refers to __build_bug_on_failed. =C2=A0If it's not proved =

to

be false - it will break the build, which is exactly what we want
BUILD_BUG_ON to do.

Ah, clever trick! Got it.
Thanks!

Reviewed-by: WANG Cong <redacted>