This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [RFC][PATCH v3] Initial support for C11 Annex K Bounds checking functions


Thanks for your draft! I'm inclined to agree that in this case it's better to duplicate 
the check instead of outsourcing it to a separate file because I'm not sure whether 
GCC's stddef.h file can or should include other headers. I have changed your 
draft implementation a bit according to the following considerations.

After experimenting a bit, I came to the conclusion that
checking whether all definitions (including the ones with 
a non-integer value) of __STDC_WANT_LIB_EXT1__ are 100% identical is not (or not easily) 
possible via normal preprocessor statements. 

For example, the draft implementation will not catch the following inconsistent definition:
#define __STDC_WANT_LIB_EXT1__ 2
#include "string.h"

#define __STDC_WANT_LIB_EXT1__ 0
#include "stdlib.h"

I agree with Joseph that compiler (or preprocessor) support is required for catching 
all inconsistent definitions of __STDC_WANT_LIB_EXT1__. I'm not sure how this support
would look like. Should it be something like the following?

#pragma GCC must_not_redefine __STDC_WANT_LIB_EXT1__

That might be a bit too general because Annex K states "shall be
defined identically for all inclusions of any headers from Clause 6." We could also
hard-code logic for __STDC_WANT_LIB_EXT1__ when "-std=c11" is specified but I'm not sure 
if this is a good idea. Personally, I also don't want to force users to compile
with -std=c11 only for getting a couple of _s functions declared - if we can avoid it.

As already indicated by Paul, the important thing from a glibc user's point of 
view is to consistently include or to not include the Annex K functions within 
a translation unit. This is something that the draft implementation already 
accomplishes.

Thus, in my opinion we should not try to check for inconsistent definitions of 
__STDC_WANT_LIB_EXT1__ but check whether Annex K functionality is included consistently 
or not inside a preprocessor translation unit. This concept also serves us well if we 
decide that the Annex K functions should be available upon definition of _GNU_SOURCE.

My proposal would be to include Annex K related functionality in all affected headers
in the following way:

/* Include C11 Annex K functions upon request.  */
#if (defined __STDC_WANT_LIB_EXT1__ &&  __STDC_WANT_LIB_EXT1__ == 1)

# if defined __GLIBC_USE_LIB_EXT1 && __GLIBC_USE_LIB_EXT1 == 0
#  error "Inconsistent definition of __STDC_WANT_LIB_EXT1__"
# endif
# ifndef __GLIBC_USE_LIB_EXT1
#  define __GLIBC_USE_LIB_EXT1 1
# endif

/* declare Annex K functions here. */

#else /* C11 Annex K functions not included */
# if defined __GLIBC_USE_LIB_EXT1 && __GLIBC_USE_LIB_EXT1 == 1
#  error "Inconsistent definition of __STDC_WANT_LIB_EXT1__"
# endif
# ifndef __GLIBC_USE_LIB_EXT1
#  define __GLIBC_USE_LIB_EXT1 0
# endif 
#endif /* C11 Annex K functions not included */


--Ulrich

On 09.06.2013 10:06, Paul Eggert wrote:
> On 06/07/2013 03:21 AM, Ulrich Bayer wrote:
>> Instead of misusing features.h (with global effects) we could create a new header 
>> called e.g. annex_k_protection.h which is included by all Annex K relevant headers. 
>> This header can then check whether __STDC_WANT_LIB_EXT1__ has the same value
>> for all inclusions of an Annex K header.  
> 
> Here's a draft implementation of that header.  Or, since this is short,
> perhaps we can just copy this text into all Annex K relevant headers.
> 
> #ifdef __GLIBC_LIB_EXT1__
> # if (__GLIBC_LIB_EXT1__ != \
>       (defined __STDC_WANT_LIB_EXT1__ ? __STDC_WANT_LIB_EXT1__ : -1))
> #  error "__STDC_WANT_LIB_EXT1__ defined inconsistently"
> # endif
> # undef __GLIBC_LIB_EXT1__
> #endif
> #ifndef __STDC_WANT_LIB_EXT1__
> # define __GLIBC_LIB_EXT1__ (-1)
> #elif __STDC_WANT_LIB_EXT1__ == 1
> # define __GLIBC_LIB_EXT1__ 1
> #else
> # define __GLIBC_LIB_EXT1__ 0
> #endif
> 
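
Added example (not part of the original message and not glibc code): a small C model of the two guards shown in this thread, run over constructed sequences of __STDC_WANT_LIB_EXT1__ values as seen at successive header inclusions. UNDEF_WANT, NO_ERROR and the function names are hypothetical; each function returns the index of the inclusion where #error would fire.

```c
#include <stddef.h>
#include <stdio.h>

#define UNDEF_WANT (-999) /* constructed sentinel: macro undefined at this inclusion */
#define NO_ERROR   (-1)   /* no #error would fire for the whole sequence */

/* Model of the quoted draft: remember -1 (undefined), 1, or 0 (any other
   value), then compare that remembered state with the raw value next time. */
static int draft_first_error(const int *want, size_t n)
{
    int seen = 0, state = 0;
    for (size_t i = 0; i < n; i++) {
        int raw = (want[i] == UNDEF_WANT) ? -1 : want[i];
        if (seen && state != raw)
            return (int)i;               /* #error at inclusion i */
        state = (want[i] == UNDEF_WANT) ? -1 : (want[i] == 1);
        seen = 1;
    }
    return NO_ERROR;
}

/* Model of the proposal: track only whether Annex K was declared
   (__GLIBC_USE_LIB_EXT1 is 1) or not (0) and require that to stay the same. */
static int proposal_first_error(const int *want, size_t n)
{
    int use_ext1 = -1;                   /* -1: __GLIBC_USE_LIB_EXT1 not yet defined */
    for (size_t i = 0; i < n; i++) {
        int included = (want[i] != UNDEF_WANT && want[i] == 1);
        if (use_ext1 != -1 && use_ext1 != included)
            return (int)i;               /* #error at inclusion i */
        use_ext1 = included;
    }
    return NO_ERROR;
}

int main(void)
{
    /* Constructed inclusion sequences; the first is the 2-then-0 case above. */
    const int seqs[4][2] = { {2, 0}, {1, 0}, {UNDEF_WANT, 1}, {1, 1} };
    for (size_t s = 0; s < 4; s++)
        printf("seq %zu: draft=%d proposal=%d\n", s,
               draft_first_error(seqs[s], 2), proposal_first_error(seqs[s], 2));
    return 0;
}
```

For the 2-then-0 sequence neither guard reports an error: the draft misses the differing definitions, while the proposal accepts them on purpose because Annex K is left out at both inclusions.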

