git: 867b51452ea7 - main - libc: Add variadic assert in accordance with C23

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Robert Clausecker <fuz_at_FreeBSD.org>
Date: Sat, 30 May 2026 13:44:28 UTC
The branch main has been updated by fuz:

URL: https://cgit.FreeBSD.org/src/commit/?id=867b51452ea78ece0b312a387e63fdbc2a11056a

commit 867b51452ea78ece0b312a387e63fdbc2a11056a
Author:     Faraz Vahedi <kfv@kfv.io>
AuthorDate: 2026-05-28 07:31:29 +0000
Commit:     Robert Clausecker <fuz@FreeBSD.org>
CommitDate: 2026-05-30 13:43:51 +0000

    libc: Add variadic assert in accordance with C23
    
    Signed-off-by:  Faraz Vahedi <kfv@kfv.io>
    Reviewed by:    fuz
    MFC after:      1 month
    Pull Request:   https://github.com/freebsd/freebsd-src/pull/2203
---
 include/assert.h | 42 +++++++++++++++++++++++++++++++++++-------
 1 file changed, 35 insertions(+), 7 deletions(-)

diff --git a/include/assert.h b/include/assert.h
index 7dd48e61c082..159efacfa45b 100644
--- a/include/assert.h
+++ b/include/assert.h
@@ -46,16 +46,43 @@
 #undef __assert_unreachable
 
 #ifdef NDEBUG
-#define assert(e)	((void)0)
-#define _assert(e)	((void)0)
+#define assert(...)	((void)0)
+#define _assert(...)	((void)0)
 #if __BSD_VISIBLE
 #define __assert_unreachable()	__unreachable()
 #endif /* __BSD_VISIBLE */
 #else
-#define _assert(e)	assert(e)
-
-#define assert(e)	((e) ? (void)0 : __assert(__func__, __FILE__, \
-			    __LINE__, #e))
+#ifdef __cplusplus
+#if __cplusplus < 202002L
+/*
+ * C++ modes prior to C++20 cannot simultaneously satisfy all three
+ * desirable properties of the sanitiser:
+ *
+ *   Approach                       No double-eval  Lambda support  Arity check
+ *   -----------------------------  --------------  --------------  -----------
+ *   sizeof(cast(expression))       yes             no              yes
+ *   static_cast<bool>(expression)  no              yes             no
+ *   (void)bool(expression)         no              yes             no
+ *
+ *   NOTE: C++20 introduced lambdas in unevaluated contexts; see P0315R4.
+ *
+ * Since no approach satisfies all three below C++20, the least harmful
+ * choice is to forgo the check entirely rather than silently break one
+ * of the remaining guarantees.
+ *
+ */
+#define __assert_sanitize(...)	((void)0)
+#else
+#define __assert_sanitize(...)	(void)sizeof(((bool(*)(bool))0)(__VA_ARGS__))
+#endif /* __cplusplus < 202002L */
+#else
+#define __assert_sanitize(...)	(void)sizeof(((_Bool(*)(_Bool))0)(__VA_ARGS__))
+#endif /* __cplusplus */
+#define assert(...)	(__assert_sanitize(__VA_ARGS__),       \
+			    (__VA_ARGS__) ? (void)0 :          \
+			    __assert(__func__, __FILE__,       \
+			    __LINE__, #__VA_ARGS__))
+#define _assert(...)	assert(__VA_ARGS__)
 #if __BSD_VISIBLE
 #define __assert_unreachable()	assert(0 && "unreachable segment reached")
 #endif /* __BSD_VISIBLE */
@@ -76,7 +103,8 @@
  * C23 defines static_assert and its obsolescent alternative spelling,
  * _Static_assert, as keywords.
  */
-#if __ISO_C_VISIBLE >= 2011 && __ISO_C_VISIBLE < 2023 && !defined(__cplusplus)
+#if __ISO_C_VISIBLE >= 2011 && !defined(__cplusplus) && \
+    __STDC_VERSION__ < 202311L
 #define static_assert	_Static_assert
 #endif