From bb465be085ff8d1640f1d1c0bbb65605d85b5528 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 14 Sep 2018 11:39:37 -0400 Subject: Revise our assertion and bug macros to work with -Wparentheses On GCC and Clang, there's a feature to warn you about bad conditionals like "if (a = b)", which should be "if (a == b)". However, they don't warn you if there are extra parentheses around "a = b". Unfortunately, the tor_assert() macro and all of its kin have been passing their inputs through stuff like PREDICT_UNLIKELY(expr) or PREDICT_UNLIKELY(!(expr)), both of which expand to stuff with more parentheses around "expr", thus suppressing these warnings. To fix this, this patch introduces new macros that do not wrap expr. They're only used when GCC or Clang is enabled (both define __GNUC__), since they require GCC's "({statement expression})" syntax extension. They're only used when we're building the unit-test variant of the object files, since they suppress the branch-prediction hints. I've confirmed that tor_assert(), tor_assert_nonfatal(), tor_assert_nonfatal_once(), BUG(), and IF_BUG_ONCE() all now give compiler warnings when their argument is an assignment expression. Fixes bug 27709. Bugfix on 0.0.6, where we first introduced the "tor_assert()" macro. --- changes/bug27709 | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 changes/bug27709 (limited to 'changes') diff --git a/changes/bug27709 b/changes/bug27709 new file mode 100644 index 0000000000..49e87cbb0a --- /dev/null +++ b/changes/bug27709 @@ -0,0 +1,4 @@ + o Minor bugfixes (code safety): + - Rewrite our assertion macros so that they no longer suppress + the compiler's -Wparentheses warnings on their inputs. Fixes bug 27709; + bugfix on 0.0.6. -- cgit v1.2.3-54-g00ecf