GNOME Bugzilla – Bug 758844
G_STATIC_ASSERT silently succeeds in 'undefined' situation
Last modified: 2017-06-12 14:24:33 UTC
When using G_STATIC_ASSERT on a variable, we in general cannot make any assertion about the variable value at compile-time. When using G_STATIC_ASSERT in such a scenario, there is no compile error though, G_STATIC_ASSERT behaves as if all was good.

Test-case:

#include <glib.h>

int main (int argc, char **argv)
{
    G_STATIC_ASSERT(argc == 4);

    return 0;
}

Contrast that with verify() from gnulib ( http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/verify.h;hb=HEAD ):

./static-assert.c:7:16: erreur: expression in static assertion is not constant
 verify(argc == 4);
 ^
/home/teuf/redhat/spice-common/common/verify.h:241:32: note: in definition of macro ‘verify’
 # define verify(R) _GL_VERIFY (R, "verify (" #R ")")

verify.h even explains the behaviour we get with G_STATIC_ASSERT:

« One might think that an array size check would have the same effect, that is, that the type struct { unsigned int dummy[W]; } would work as well. However, inside a function, some compilers (such as C++ compilers and GNU C) allow local parameters and variables inside array size expressions. With these compilers, an array size check would not properly diagnose this misuse of the verify macro: »
My first thought would be that nobody would use G_STATIC_ASSERT to test a variable in that way — because it makes no sense conceptually — so relying on a compiler warning would be already too late in the process.
This could be a typo, or the person trying to use it this way may not realize it does not make sense to do that. In both cases, being notified about this would be better than silent acceptance as if all was good.
see also bug 686773
(In reply to Christophe Fergeau from comment #0)
> When using G_STATIC_ASSERT on a variable, we in general cannot make any
> assertion about the variable value at compile-time. When using
> G_STATIC_ASSERT in such a scenario, there is no compile error though,
> G_STATIC_ASSERT behaves as if all was good.
>
> Test-case:
> #include <glib.h>
>
> int main (int argc, char **argv)
> {
> G_STATIC_ASSERT(argc == 4);
>
> return 0;
> }
>
> Contrast that with verify() from gnulib (
> http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/verify.h;
> hb=HEAD ):
>
> ./static-assert.c:7:16: erreur: expression in static assertion is not
> constant
> verify(argc == 4);

On the basis of that error message, I think this is working because verify() is using _Static_assert() for you. That’s probably the best solution for us too.

I think this is basically a duplicate of bug #686773, as Dan says. We might be able to improve the G_STATIC_ASSERT documentation a bit, but it does already say

> the condition needs to be compile time computable

If anybody has any suggestions for making that better, please re-open this bug report.

*** This bug has been marked as a duplicate of bug 686773 ***
(In reply to Philip Withnall from comment #4)
> We might
> be able to improve the G_STATIC_ASSERT documentation a bit, but it does
> already say
> > the condition needs to be compile time computable
> If anybody has any suggestions for making that better, please re-open this
> bug report.

This could be expanded as:
"the condition needs to be compile time computable. If it is not, SPICE_STATIC_CHECK will succeed, this will not cause a compilation failure."
This macro is broken from C99, as C99 introduced variable arrays. However, the old behaviour and C11 _Static_assert (which have very similar names) give an error if the expression is not constant, so having a G_STATIC_ASSERT which behaves differently from C89 and from a similar feature of C11 is quite confusing. Also, the proposed comment addition is not true for all compilers, so the macro won't be fully portable.
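
The difference discussed in this report between an array-size check and a check that requires a constant expression, as an added example that is not part of the bug report and is not GLib or gnulib code. The macro names WEAK_STATIC_ASSERT and STRICT_STATIC_ASSERT, the typedef/struct names and the SHOW_MISUSE switch are assumptions made for illustration.

```c
/* Added example: WEAK_STATIC_ASSERT and STRICT_STATIC_ASSERT are
 * hypothetical names, not GLib or gnulib macros. */
#include <stdio.h>

/* Array-size check. Inside a function a non-constant size is legal
 * since C99, so the typedef silently becomes a VLA type. */
#define WEAK_STATIC_ASSERT(name, expr) \
    typedef char name[(expr) ? 1 : -1]

#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
/* C11: the operand must be an integer constant expression. */
#define STRICT_STATIC_ASSERT(name, expr) _Static_assert(expr, #expr)
#else
/* Pre-C11 fallback: a bit-field width must also be an integer
 * constant expression, and a negative width is an error. */
#define STRICT_STATIC_ASSERT(name, expr) \
    struct name { unsigned int ok : (expr) ? 1 : -1; }
#endif

/* Compiles even though argc is only known at run time. The size is
 * evaluated when the function runs; a caller passing anything other
 * than 4 gets a negative VLA size, which is undefined behaviour
 * rather than a build failure. */
int weak_check_size(int argc)
{
    WEAK_STATIC_ASSERT(argc_is_four, argc == 4);
    return (int) sizeof(argc_is_four);   /* computed at run time */
}

int strict_check_ok(void)
{
    STRICT_STATIC_ASSERT(char_is_one_byte, sizeof(char) == 1);
#ifdef SHOW_MISUSE
    {
        int n = 4;
        /* Rejected by the compiler: n is not a constant expression. */
        STRICT_STATIC_ASSERT(n_is_four, n == 4);
    }
#endif
    return 1;
}

int main(void)
{
    printf("weak check compiled; VLA size at run time = %d\n",
           weak_check_size(4));
    printf("strict check on a constant passed: %d\n", strict_check_ok());
    return 0;
}
```

Building with -DSHOW_MISUSE makes the strict macro reject the variable at compile time, while the weak macro accepts the same kind of expression without a diagnostic.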