Wtype-limits and functional range checks

Jan Smets jan.smets@alcatel-lucent.com
Tue Jul 24 20:04:00 GMT 2012


On 23/07/2012 20:05, Ángel González wrote:
> On 23/07/12 12:35, Jan Smets wrote:
>> Can anyone help me hacking this in or at least give me some hints how 
>> to do this.
>> (e.g, how do I know if value is used twice in the if()?)  I had a 
>> look at c-family/c-common.c but I don't see how this can be done.
>>
>> Any help is appreciated.
>>
>> Thanks
>>
>>  - Jan
> I would
> a) Replace all such usages with a macro like: CHECK_RANGE(value, 
> tSomeType_MIN, tSomeType_MAX) (or you could have a macro per type and 
> the min & max hardcoded on each one). This makes it easy to change the 
> implementation later or even disable it depending on the compilation.
>
> b) Instead of doing the check, convert it to a call to an inline 
> function. If ((foo < min) || (foo > max)) will give the warning, but 
> if (check_range(foo, min, max)) won't, even if it's defined as:
> static inline int check_range(int value, int min, int max) {
>     return (value < min) || (value > max);
> }
> and thus completely optimized inline [you can also mark it as 
> __attribute__((always_inline)) if you want to force it, it still won't 
> warn... yet].

I did consider these options. But they're not user friendly IMHO.  I can 
surely tell 300 devs about this macro/inlined function. But how many 
will remember this after a month? A year?

The result is that people start avoiding MIN checks in their code and 
functionality gets broken.

So I still prefer a way to disable this checking when there is a 
larger-than and less-than compare of the same variables in the same if() 
block.

Where do I start? I don't expect people to do this for me, but I could 
use some pointers to get started.
Thanks

- Jan
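
The two forms discussed in this thread, side by side, as an added example that is not part of either message: the direct comparison that -Wtype-limits reports when the type is unsigned and its MIN is 0, and the helper form that the reply says avoids it. The type names, their limits and the SHOW_WARNING switch are assumptions made for illustration, and check_range takes long long instead of the reply's int so that large unsigned values are not converted to negative numbers.

```c
#include <stdio.h>

/* Hypothetical types for illustration: one unsigned with a MIN of 0, one signed. */
typedef unsigned int tPortId;
#define tPortId_MIN 0u
#define tPortId_MAX 1023u

typedef int tOffset;
#define tOffset_MIN (-8)
#define tOffset_MAX 8

#ifdef SHOW_WARNING
/* Direct form. Built with gcc -Wtype-limits -DSHOW_WARNING, the
 * "port < tPortId_MIN" half is reported: an unsigned value is never < 0. */
int port_out_of_range_direct(tPortId port)
{
    return (port < tPortId_MIN) || (port > tPortId_MAX);
}
#endif

/* Helper form from the reply. Assumption: parameters are long long rather
 * than int, so an unsigned int above INT_MAX keeps its value when passed. */
static inline int check_range(long long value, long long min, long long max)
{
    return (value < min) || (value > max);
}

/* Macro wrapper in the shape suggested in the reply. */
#define CHECK_RANGE(value, min, max) check_range((value), (min), (max))

/* Returns 1 when the value is outside its type's range, 0 otherwise. */
int port_out_of_range(tPortId port)
{
    return CHECK_RANGE(port, tPortId_MIN, tPortId_MAX);
}

int offset_out_of_range(tOffset off)
{
    return CHECK_RANGE(off, tOffset_MIN, tOffset_MAX);
}

int main(void)
{
    printf("port 1023: %d, port 1024: %d\n",
           port_out_of_range(1023u), port_out_of_range(1024u));
    printf("offset -9: %d, offset 8: %d\n",
           offset_out_of_range(-9), offset_out_of_range(8));
    return 0;
}
```

The same MIN/MAX check is kept for both the signed and the unsigned type, so the lower bound stays in place if a type's MIN later changes from 0.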
