Issue #25558: Use compile-time asserts.
This commit is contained in:
Serhiy Storchaka
parent
41a87637c0
commit
fad85aadb0
|
|
@ -36,6 +36,10 @@
|
||||||
#define Py_BUILD_ASSERT_EXPR(cond) \
|
#define Py_BUILD_ASSERT_EXPR(cond) \
|
||||||
(sizeof(char [1 - 2*!(cond)]) - 1)
|
(sizeof(char [1 - 2*!(cond)]) - 1)
|
||||||
|
|
||||||
|
#define Py_BUILD_ASSERT(cond) do { \
|
||||||
|
(void)Py_BUILD_ASSERT_EXPR(cond); \
|
||||||
|
} while(0)
|
||||||
|
|
||||||
/* Get the number of elements in a visible array
|
/* Get the number of elements in a visible array
|
||||||
|
|
||||||
This does not work on pointers, or arrays declared as [], or function
|
This does not work on pointers, or arrays declared as [], or function
|
||||||
|
|
|
||||||
|
|
@ -2386,7 +2386,7 @@ unique_key(CDataObject *target, Py_ssize_t index)
|
||||||
char *cp = string;
|
char *cp = string;
|
||||||
size_t bytes_left;
|
size_t bytes_left;
|
||||||
|
|
||||||
assert(sizeof(string) - 1 > sizeof(Py_ssize_t) * 2);
|
Py_BUILD_ASSERT(sizeof(string) - 1 > sizeof(Py_ssize_t) * 2);
|
||||||
cp += sprintf(cp, "%x", Py_SAFE_DOWNCAST(index, Py_ssize_t, int));
|
cp += sprintf(cp, "%x", Py_SAFE_DOWNCAST(index, Py_ssize_t, int));
|
||||||
while (target->b_base) {
|
while (target->b_base) {
|
||||||
bytes_left = sizeof(string) - (cp - string) - 1;
|
bytes_left = sizeof(string) - (cp - string) - 1;
|
||||||
|
|
|
||||||
|
|
@ -5329,19 +5329,19 @@ PyInit__datetime(void)
|
||||||
/* A 4-year cycle has an extra leap day over what we'd get from
|
/* A 4-year cycle has an extra leap day over what we'd get from
|
||||||
* pasting together 4 single years.
|
* pasting together 4 single years.
|
||||||
*/
|
*/
|
||||||
assert(DI4Y == 4 * 365 + 1);
|
Py_BUILD_ASSERT(DI4Y == 4 * 365 + 1);
|
||||||
assert(DI4Y == days_before_year(4+1));
|
assert(DI4Y == days_before_year(4+1));
|
||||||
|
|
||||||
/* Similarly, a 400-year cycle has an extra leap day over what we'd
|
/* Similarly, a 400-year cycle has an extra leap day over what we'd
|
||||||
* get from pasting together 4 100-year cycles.
|
* get from pasting together 4 100-year cycles.
|
||||||
*/
|
*/
|
||||||
assert(DI400Y == 4 * DI100Y + 1);
|
Py_BUILD_ASSERT(DI400Y == 4 * DI100Y + 1);
|
||||||
assert(DI400Y == days_before_year(400+1));
|
assert(DI400Y == days_before_year(400+1));
|
||||||
|
|
||||||
/* OTOH, a 100-year cycle has one fewer leap day than we'd get from
|
/* OTOH, a 100-year cycle has one fewer leap day than we'd get from
|
||||||
* pasting together 25 4-year cycles.
|
* pasting together 25 4-year cycles.
|
||||||
*/
|
*/
|
||||||
assert(DI100Y == 25 * DI4Y - 1);
|
Py_BUILD_ASSERT(DI100Y == 25 * DI4Y - 1);
|
||||||
assert(DI100Y == days_before_year(100+1));
|
assert(DI100Y == days_before_year(100+1));
|
||||||
|
|
||||||
one = PyLong_FromLong(1);
|
one = PyLong_FromLong(1);
|
||||||
|
|
|
||||||
|
|
@ -874,7 +874,7 @@ _write_size64(char *out, size_t value)
|
||||||
{
|
{
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
assert(sizeof(size_t) <= 8);
|
Py_BUILD_ASSERT(sizeof(size_t) <= 8);
|
||||||
|
|
||||||
for (i = 0; i < sizeof(size_t); i++) {
|
for (i = 0; i < sizeof(size_t); i++) {
|
||||||
out[i] = (unsigned char)((value >> (8 * i)) & 0xff);
|
out[i] = (unsigned char)((value >> (8 * i)) & 0xff);
|
||||||
|
|
|
||||||
|
|
@ -747,7 +747,8 @@ pyexpat_xmlparser_Parse_impl(xmlparseobject *self, PyObject *data,
|
||||||
s += MAX_CHUNK_SIZE;
|
s += MAX_CHUNK_SIZE;
|
||||||
slen -= MAX_CHUNK_SIZE;
|
slen -= MAX_CHUNK_SIZE;
|
||||||
}
|
}
|
||||||
assert(MAX_CHUNK_SIZE < INT_MAX && slen < INT_MAX);
|
Py_BUILD_ASSERT(MAX_CHUNK_SIZE <= INT_MAX);
|
||||||
|
assert(slen <= INT_MAX);
|
||||||
rc = XML_Parse(self->itself, s, (int)slen, isfinal);
|
rc = XML_Parse(self->itself, s, (int)slen, isfinal);
|
||||||
|
|
||||||
done:
|
done:
|
||||||
|
|
|
||||||
|
|
@ -43,7 +43,7 @@ _PyLong_AsTime_t(PyObject *obj)
|
||||||
val = PyLong_AsLongLong(obj);
|
val = PyLong_AsLongLong(obj);
|
||||||
#else
|
#else
|
||||||
long val;
|
long val;
|
||||||
assert(sizeof(time_t) <= sizeof(long));
|
Py_BUILD_ASSERT(sizeof(time_t) <= sizeof(long));
|
||||||
val = PyLong_AsLong(obj);
|
val = PyLong_AsLong(obj);
|
||||||
#endif
|
#endif
|
||||||
if (val == -1 && PyErr_Occurred()) {
|
if (val == -1 && PyErr_Occurred()) {
|
||||||
|
|
@ -60,7 +60,7 @@ _PyLong_FromTime_t(time_t t)
|
||||||
#if defined(HAVE_LONG_LONG) && SIZEOF_TIME_T == SIZEOF_LONG_LONG
|
#if defined(HAVE_LONG_LONG) && SIZEOF_TIME_T == SIZEOF_LONG_LONG
|
||||||
return PyLong_FromLongLong((PY_LONG_LONG)t);
|
return PyLong_FromLongLong((PY_LONG_LONG)t);
|
||||||
#else
|
#else
|
||||||
assert(sizeof(time_t) <= sizeof(long));
|
Py_BUILD_ASSERT(sizeof(time_t) <= sizeof(long));
|
||||||
return PyLong_FromLong((long)t);
|
return PyLong_FromLong((long)t);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
@ -209,6 +209,8 @@ _PyTime_FromSeconds(int seconds)
|
||||||
/* ensure that integer overflow cannot happen, int type should have 32
|
/* ensure that integer overflow cannot happen, int type should have 32
|
||||||
bits, whereas _PyTime_t type has at least 64 bits (SEC_TO_MS takes 30
|
bits, whereas _PyTime_t type has at least 64 bits (SEC_TO_MS takes 30
|
||||||
bits). */
|
bits). */
|
||||||
|
Py_BUILD_ASSERT(INT_MAX <= _PyTime_MAX / SEC_TO_NS);
|
||||||
|
Py_BUILD_ASSERT(INT_MIN >= _PyTime_MIN / SEC_TO_NS);
|
||||||
assert((t >= 0 && t <= _PyTime_MAX / SEC_TO_NS)
|
assert((t >= 0 && t <= _PyTime_MAX / SEC_TO_NS)
|
||||||
|| (t < 0 && t >= _PyTime_MIN / SEC_TO_NS));
|
|| (t < 0 && t >= _PyTime_MIN / SEC_TO_NS));
|
||||||
t *= SEC_TO_NS;
|
t *= SEC_TO_NS;
|
||||||
|
|
@ -219,7 +221,7 @@ _PyTime_t
|
||||||
_PyTime_FromNanoseconds(PY_LONG_LONG ns)
|
_PyTime_FromNanoseconds(PY_LONG_LONG ns)
|
||||||
{
|
{
|
||||||
_PyTime_t t;
|
_PyTime_t t;
|
||||||
assert(sizeof(PY_LONG_LONG) <= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(PY_LONG_LONG) <= sizeof(_PyTime_t));
|
||||||
t = Py_SAFE_DOWNCAST(ns, PY_LONG_LONG, _PyTime_t);
|
t = Py_SAFE_DOWNCAST(ns, PY_LONG_LONG, _PyTime_t);
|
||||||
return t;
|
return t;
|
||||||
}
|
}
|
||||||
|
|
@ -231,7 +233,7 @@ _PyTime_FromTimespec(_PyTime_t *tp, struct timespec *ts, int raise)
|
||||||
_PyTime_t t;
|
_PyTime_t t;
|
||||||
int res = 0;
|
int res = 0;
|
||||||
|
|
||||||
assert(sizeof(ts->tv_sec) <= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(ts->tv_sec) <= sizeof(_PyTime_t));
|
||||||
t = (_PyTime_t)ts->tv_sec;
|
t = (_PyTime_t)ts->tv_sec;
|
||||||
|
|
||||||
if (_PyTime_check_mul_overflow(t, SEC_TO_NS)) {
|
if (_PyTime_check_mul_overflow(t, SEC_TO_NS)) {
|
||||||
|
|
@ -253,7 +255,7 @@ _PyTime_FromTimeval(_PyTime_t *tp, struct timeval *tv, int raise)
|
||||||
_PyTime_t t;
|
_PyTime_t t;
|
||||||
int res = 0;
|
int res = 0;
|
||||||
|
|
||||||
assert(sizeof(tv->tv_sec) <= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(tv->tv_sec) <= sizeof(_PyTime_t));
|
||||||
t = (_PyTime_t)tv->tv_sec;
|
t = (_PyTime_t)tv->tv_sec;
|
||||||
|
|
||||||
if (_PyTime_check_mul_overflow(t, SEC_TO_NS)) {
|
if (_PyTime_check_mul_overflow(t, SEC_TO_NS)) {
|
||||||
|
|
@ -304,12 +306,12 @@ _PyTime_FromObject(_PyTime_t *t, PyObject *obj, _PyTime_round_t round,
|
||||||
else {
|
else {
|
||||||
#ifdef HAVE_LONG_LONG
|
#ifdef HAVE_LONG_LONG
|
||||||
PY_LONG_LONG sec;
|
PY_LONG_LONG sec;
|
||||||
assert(sizeof(PY_LONG_LONG) <= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(PY_LONG_LONG) <= sizeof(_PyTime_t));
|
||||||
|
|
||||||
sec = PyLong_AsLongLong(obj);
|
sec = PyLong_AsLongLong(obj);
|
||||||
#else
|
#else
|
||||||
long sec;
|
long sec;
|
||||||
assert(sizeof(PY_LONG_LONG) <= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(PY_LONG_LONG) <= sizeof(_PyTime_t));
|
||||||
|
|
||||||
sec = PyLong_AsLong(obj);
|
sec = PyLong_AsLong(obj);
|
||||||
#endif
|
#endif
|
||||||
|
|
@ -364,10 +366,10 @@ PyObject *
|
||||||
_PyTime_AsNanosecondsObject(_PyTime_t t)
|
_PyTime_AsNanosecondsObject(_PyTime_t t)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_LONG_LONG
|
#ifdef HAVE_LONG_LONG
|
||||||
assert(sizeof(PY_LONG_LONG) >= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(PY_LONG_LONG) >= sizeof(_PyTime_t));
|
||||||
return PyLong_FromLongLong((PY_LONG_LONG)t);
|
return PyLong_FromLongLong((PY_LONG_LONG)t);
|
||||||
#else
|
#else
|
||||||
assert(sizeof(long) >= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(long) >= sizeof(_PyTime_t));
|
||||||
return PyLong_FromLong((long)t);
|
return PyLong_FromLong((long)t);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
@ -650,7 +652,7 @@ pymonotonic(_PyTime_t *tp, _Py_clock_info_t *info, int raise)
|
||||||
assert(info == NULL || raise);
|
assert(info == NULL || raise);
|
||||||
|
|
||||||
ticks = GetTickCount64();
|
ticks = GetTickCount64();
|
||||||
assert(sizeof(ticks) <= sizeof(_PyTime_t));
|
Py_BUILD_ASSERT(sizeof(ticks) <= sizeof(_PyTime_t));
|
||||||
t = (_PyTime_t)ticks;
|
t = (_PyTime_t)ticks;
|
||||||
|
|
||||||
if (_PyTime_check_mul_overflow(t, MS_TO_NS)) {
|
if (_PyTime_check_mul_overflow(t, MS_TO_NS)) {
|
||||||
|
|
@ -774,8 +776,5 @@ _PyTime_Init(void)
|
||||||
if (_PyTime_GetMonotonicClockWithInfo(&t, NULL) < 0)
|
if (_PyTime_GetMonotonicClockWithInfo(&t, NULL) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
/* check that _PyTime_FromSeconds() cannot overflow */
|
|
||||||
assert(INT_MAX <= _PyTime_MAX / SEC_TO_NS);
|
|
||||||
assert(INT_MIN >= _PyTime_MIN / SEC_TO_NS);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -379,7 +379,7 @@ _PyRandom_Init(void)
|
||||||
char *env;
|
char *env;
|
||||||
unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc;
|
unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc;
|
||||||
Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
|
Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
|
||||||
assert(secret_size == sizeof(_Py_HashSecret.uc));
|
Py_BUILD_ASSERT(sizeof(_Py_HashSecret_t) == sizeof(_Py_HashSecret.uc));
|
||||||
|
|
||||||
if (_Py_HashSecret_Initialized)
|
if (_Py_HashSecret_Initialized)
|
||||||
return;
|
return;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue