"Michael S. Tsirkin" <m...@redhat.com> writes:
> It's a familiar pattern: some code uses ARRAY_SIZE, then refactoring
> changes the argument from an array to a pointer to a dynamically
> allocated buffer. Code keeps compiling but any ARRAY_SIZE calls now
> return the size of the pointer divided by element size.
>
> Let's add build time checks to ARRAY_SIZE before we allow more
> of these in the code-base.
Yes, please!
> Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
> ---
> include/qemu/osdep.h | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
> index 689f253..24bfda0 100644
> --- a/include/qemu/osdep.h
> +++ b/include/qemu/osdep.h
> @@ -199,7 +199,13 @@ extern int daemon(int, int);
> #endif
>
> #ifndef ARRAY_SIZE
> -#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
> +/*
> + * &(x)[0] is always a pointer - if it's same type as x then the argument is
> a
> + * pointer, not an array as expected.
> + */
> +#define ARRAY_SIZE(x) ((sizeof(x) / sizeof((x)[0])) +
> QEMU_BUILD_BUG_ON_ZERO( \
> + __builtin_types_compatible_p(typeof(x), \
> + typeof(&(x)[0]))))
Please break the line near the operator, not within one of its operands:
#define ARRAY_SIZE(x) ((sizeof(x) / sizeof((x)[0])) \
+ QEMU_BUILD_BUG_ON_ZERO( \
__builtin_types_compatible_p(typeof(x), \
typeof(&(x)[0]))))
> #endif
>
> int qemu_daemon(int nochdir, int noclose);
With the confusing line break tiedied up:
Reviewed-by: Markus Armbruster <arm...@redhat.com>
