Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Array-size macro that rejects pointers

Tags:

arrays

c

c-preprocessor

macros

The standard array-size macro that is often taught is

#define ARRAYSIZE(arr) (sizeof(arr) / sizeof(arr[0]))

or some equivalent formation. However, this kind of thing silently succeeds when a pointer is passed in, and gives results that can seem plausible at runtime until things mysteriously fall apart.

It's all-too-easy to make this mistake: a function that has a local array variable is refactored, moving a bit of array manipulation into a new function called with the array as a parameter.

So, the question is: is there a "sanitary" macro to detect misuse of the ARRAYSIZE macro in C, preferably at compile-time? In C++ we'd just use a template specialized for array arguments only; in C, it seems we'll need some way to distinguish arrays and pointers. (If I wanted to reject arrays, for instance, I'd just do e.g. (arr=arr, ...) because array assignment is illegal).

like image 379
nneonneo Avatar asked Oct 18 '13 15:10

nneonneo

1 Answers

Linux kernel uses a nice implementation of ARRAY_SIZE to deal with this issue:

#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))

with

#define __must_be_array(a) BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0]))

and 

#define __same_type(a, b) __builtin_types_compatible_p(typeof(a), typeof(b))

Of course this is portable only in GNU C as it makes use of two instrinsics: typeof operator and __builtin_types_compatible_p function. Also it uses their "famous" BUILD_BUG_ON_ZERO macro which is only valid in GNU C.

Assuming a compile time evaluation requirement (which is what we want), I don't know any portable implementation of this macro.

A "semi-portable" implementation (and which would not cover all cases) is:

#define ARRAY_SIZE(arr)  \     (sizeof(arr) / sizeof((arr)[0]) + STATIC_EXP(IS_ARRAY(arr)))

with

#define IS_ARRAY(arr)  ((void*)&(arr) == &(arr)[0]) #define STATIC_EXP(e)  \     (0 * sizeof (struct { int ARRAY_SIZE_FAILED:(2 * (e) - 1);}))

With gcc this gives no warning if argument is an array in -std=c99 -Wall but -pedantic would gives a warning. The reason is IS_ARRAY expression is not an integer constant expression (cast to pointer types and subscript operator are not allowed in integer constant expressions) and the bit-field width in STATIC_EXP requires an integer constant expression.

like image 92
ouah Avatar answered Sep 20 '22 17:09

ouah
Sign in to Comment

Related questions

How can I find the number of elements in an array?
Can I turn unsigned char into char and vice versa?
Converting from signed char to unsigned char and back again?
How do I get the unix timestamp in C as an int?
Fast method to copy memory with translation - ARGB to BGR
What is the reason for using a double pointer when adding a node in a linked list?
What's the difference between a null pointer and a void pointer?
How can I check if char* variable points to empty string?
readelf-like tool for Mac OS X? [closed]
Are pointers considered a method of calling by reference in C?
Convert RGB to Black & White in OpenCV
printf and long double
Where is `%p` useful with printf?
Why enclose blocks of C code in curly braces?
What's the best way to do a reverse 'for' loop with an unsigned index?
Perceptron learning algorithm not converging to 0
Post-increment on a dereferenced pointer?
C / C++ compiler warnings: do you clean up all your code to remove them or leave them in?
What are the differences between (and reasons to choose) tcmalloc/jemalloc and memory pools?
What is the type of string literals in C and C++?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!