maint: prefer static_assert to verify

* bootstrap.conf: Add assert-h. * gl/lib/randperm.c: Do not include verify.h. * gl/lib/randperm.c, src/basenc.c, src/dd.c, src/digest.c: * src/dircolors.c, src/expr.c, src/factor.c, src/ls.c, src/numfmt.c: * src/od.c, src/seq.c, src/shred.c, src/sort.c, src/stat.c: Prefer C23’s static_assert to nonstandard verify. * gl/modules/randperm (Depends-on): Add assert-h.
2024-11-27 03:44:26 +08:00 · 2022-09-15 00:55:08 -05:00 · 2022-09-15 00:55:08 -05:00 · 9a777a44b3
commit 9a777a44b3
parent 7363a58286
16 changed files with 49 additions and 45 deletions
--- a/bootstrap.conf
+++ b/bootstrap.conf
@ -35,6 +35,7 @@ gnulib_modules="
  argmatch
  argv-iter
  assert
+  assert-h
  attribute
  autobuild
  backupfile
--- a/gl/lib/randperm.c
+++ b/gl/lib/randperm.c
@ -28,7 +28,6 @@
 #include "attribute.h"
 #include "count-leading-zeros.h"
 #include "hash.h"
-#include "verify.h"
 #include "xalloc.h"

 /* Return the floor of the log base 2 of N.  If N is zero, return -1.  */
@ -36,7 +35,7 @@
 ATTRIBUTE_CONST static int
 floor_lg (size_t n)
 {
-  verify (SIZE_WIDTH <= ULLONG_WIDTH);
+  static_assert (SIZE_WIDTH <= ULLONG_WIDTH);
  return (n == 0 ? -1
          : SIZE_WIDTH <= UINT_WIDTH
          ? UINT_WIDTH - 1 - count_leading_zeros (n)
--- a/gl/modules/randperm
+++ b/gl/modules/randperm
@ -6,6 +6,7 @@ lib/randperm.c
 lib/randperm.h

 Depends-on:
+assert-h
 count-leading-zeros
 randint
 stdint
--- a/src/basenc.c
+++ b/src/basenc.c
@ -184,8 +184,8 @@ from any other non-alphabet bytes in the encoded stream.\n"),
 # define DEC_BLOCKSIZE (1024 * 5)

 /* Ensure that BLOCKSIZE is a multiple of 5 and 8.  */
-verify (ENC_BLOCKSIZE % 40 == 0);  /* So padding chars only on last block.  */
-verify (DEC_BLOCKSIZE % 40 == 0);  /* So complete encoded blocks are used.  */
+static_assert (ENC_BLOCKSIZE % 40 == 0); /* Padding chars only on last block.  */
+static_assert (DEC_BLOCKSIZE % 40 == 0); /* Complete encoded blocks are used.  */

 # define base_encode base32_encode
 # define base_decode_context base32_decode_context
@ -199,8 +199,8 @@ verify (DEC_BLOCKSIZE % 40 == 0);  /* So complete encoded blocks are used.  */
 # define DEC_BLOCKSIZE (1024 * 3)

 /* Ensure that BLOCKSIZE is a multiple of 3 and 4.  */
-verify (ENC_BLOCKSIZE % 12 == 0);  /* So padding chars only on last block.  */
-verify (DEC_BLOCKSIZE % 12 == 0);  /* So complete encoded blocks are used.  */
+static_assert (ENC_BLOCKSIZE % 12 == 0); /* Padding chars only on last block.  */
+static_assert (DEC_BLOCKSIZE % 12 == 0); /* Complete encoded blocks are used.  */

 # define base_encode base64_encode
 # define base_decode_context base64_decode_context
@ -215,8 +215,8 @@ verify (DEC_BLOCKSIZE % 12 == 0);  /* So complete encoded blocks are used.  */
 /* Note that increasing this may decrease performance if --ignore-garbage
   is used, because of the memmove operation below.  */
 # define DEC_BLOCKSIZE (4200)
-verify (DEC_BLOCKSIZE % 40 == 0); /* complete encoded blocks for base32 */
-verify (DEC_BLOCKSIZE % 12 == 0); /* complete encoded blocks for base64 */
+static_assert (DEC_BLOCKSIZE % 40 == 0); /* complete encoded blocks for base32 */
+static_assert (DEC_BLOCKSIZE % 12 == 0); /* complete encoded blocks for base64 */

 static int (*base_length) (int i);
 static bool (*isbase) (char ch);
--- a/src/dd.c
+++ b/src/dd.c
@ -327,20 +327,20 @@ enum
  };

 /* Ensure that we got something.  */
-verify (O_FULLBLOCK != 0);
-verify (O_NOCACHE != 0);
-verify (O_COUNT_BYTES != 0);
-verify (O_SKIP_BYTES != 0);
-verify (O_SEEK_BYTES != 0);
+static_assert (O_FULLBLOCK != 0);
+static_assert (O_NOCACHE != 0);
+static_assert (O_COUNT_BYTES != 0);
+static_assert (O_SKIP_BYTES != 0);
+static_assert (O_SEEK_BYTES != 0);

 #define MULTIPLE_BITS_SET(i) (((i) & ((i) - 1)) != 0)

 /* Ensure that this is a single-bit value.  */
-verify ( ! MULTIPLE_BITS_SET (O_FULLBLOCK));
-verify ( ! MULTIPLE_BITS_SET (O_NOCACHE));
-verify ( ! MULTIPLE_BITS_SET (O_COUNT_BYTES));
-verify ( ! MULTIPLE_BITS_SET (O_SKIP_BYTES));
-verify ( ! MULTIPLE_BITS_SET (O_SEEK_BYTES));
+static_assert ( ! MULTIPLE_BITS_SET (O_FULLBLOCK));
+static_assert ( ! MULTIPLE_BITS_SET (O_NOCACHE));
+static_assert ( ! MULTIPLE_BITS_SET (O_COUNT_BYTES));
+static_assert ( ! MULTIPLE_BITS_SET (O_SKIP_BYTES));
+static_assert ( ! MULTIPLE_BITS_SET (O_SEEK_BYTES));

 /* Flags, for iflag="..." and oflag="...".  */
 static struct symbol_value const flags[] =
--- a/src/digest.c
+++ b/src/digest.c
@ -311,8 +311,8 @@ static int const algorithm_bits[] =
  256, 384, 512, 512, 256, 0
 };

-verify (ARRAY_CARDINALITY (algorithm_bits)
-        == ARRAY_CARDINALITY (algorithm_args));
+static_assert (ARRAY_CARDINALITY (algorithm_bits)
+               == ARRAY_CARDINALITY (algorithm_args));

 static bool algorithm_specified = false;
 static enum Algorithm cksum_algorithm = crc;
--- a/src/dircolors.c
+++ b/src/dircolors.c
@ -67,7 +67,7 @@ static char const *const ls_codes[] =
  "so", "bd", "bd", "cd", "cd", "do", "ex", "lc", "lc", "rc", "rc", "ec", "ec",
  "su", "su", "sg", "sg", "st", "ow", "ow", "tw", "tw", "ca", "mh", "cl", NULL
 };
-verify (ARRAY_CARDINALITY (slack_codes) == ARRAY_CARDINALITY (ls_codes));
+static_assert (ARRAY_CARDINALITY (slack_codes) == ARRAY_CARDINALITY (ls_codes));

 /* Whether to output escaped ls color codes for display.  */
 static bool print_ls_colors;
--- a/src/expr.c
+++ b/src/expr.c
@ -44,7 +44,7 @@

 /* Various parts of this code assume size_t fits into unsigned long
   int, the widest unsigned type that GMP supports.  */
-verify (SIZE_MAX <= ULONG_MAX);
+static_assert (SIZE_MAX <= ULONG_MAX);

 /* The official name of this program (e.g., no 'g' prefix).  */
 #define PROGRAM_NAME "expr"
--- a/src/factor.c
+++ b/src/factor.c
@ -663,7 +663,7 @@ mp_factor_insert_ui (struct mp_factors *factors, unsigned long int prime)
 enum { W = sizeof (uintmax_t) * CHAR_BIT };

 /* Verify that uintmax_t does not have holes in its representation.  */
-verify (UINTMAX_MAX >> (W - 1) == 1);
+static_assert (UINTMAX_MAX >> (W - 1) == 1);

 #define P(a,b,c,d) a,
 static const unsigned char primes_diff[] = {
@ -696,7 +696,7 @@ static const struct primes_dtab primes_dtab[] = {

 /* Verify that uintmax_t is not wider than
   the integers used to generate primes.h.  */
-verify (W <= WIDE_UINT_BITS);
+static_assert (W <= WIDE_UINT_BITS);

 /* debugging for developers.  Enables devmsg().
   This flag is used only in the GMP code.  */
--- a/src/ls.c
+++ b/src/ls.c
@ -179,7 +179,7 @@ static char const filetype_letter[] = "?pcdb-lswd";

 /* Ensure that filetype and filetype_letter have the same
   number of elements.  */
-verify (sizeof filetype_letter - 1 == arg_directory + 1);
+static_assert (sizeof filetype_letter - 1 == arg_directory + 1);

 #define FILETYPE_INDICATORS				\
  {							\
@ -4042,8 +4042,8 @@ static qsortFunc const sort_functions[][2][2][2] =

   This line verifies at compile-time that the array of sort functions has been
   initialized for all possible sort keys. */
-verify (ARRAY_CARDINALITY (sort_functions)
-        == sort_numtypes - 2 + time_numtypes);
+static_assert (ARRAY_CARDINALITY (sort_functions)
+               == sort_numtypes - 2 + time_numtypes);

 /* Set up SORTED_FILE to point to the in-use entries in CWD_FILE, in order.  */

--- a/src/numfmt.c
+++ b/src/numfmt.c
@ -724,9 +724,10 @@ double_to_human (long double val, int precision,
 {
  int num_size;
  char fmt[64];
-  verify (sizeof (fmt) > (INT_BUFSIZE_BOUND (zero_padding_width)
-                          + INT_BUFSIZE_BOUND (precision)
-                          + 10 /* for %.Lf  etc.  */));
+  static_assert ((INT_BUFSIZE_BOUND (zero_padding_width)
+                  + INT_BUFSIZE_BOUND (precision)
+                  + 10 /* for %.Lf  etc.  */)
+                 < sizeof fmt);

  char *pfmt = fmt;
  *pfmt++ = '%';
--- a/src/od.c
+++ b/src/od.c
@ -94,7 +94,7 @@ enum
  };

 /* Ensure that our choice for FMT_BYTES_ALLOCATED is reasonable.  */
-verify (MAX_INTEGRAL_TYPE_SIZE * CHAR_BIT / 3 <= 99);
+static_assert (MAX_INTEGRAL_TYPE_SIZE * CHAR_BIT / 3 <= 99);

 /* Each output format specification (from '-t spec' or from
   old-style options) is represented by one of these structures.  */
@ -139,12 +139,13 @@ static unsigned int const bytes_to_hex_digits[] =
 /* It'll be a while before we see integral types wider than 16 bytes,
   but if/when it happens, this check will catch it.  Without this check,
   a wider type would provoke a buffer overrun.  */
-verify (MAX_INTEGRAL_TYPE_SIZE < ARRAY_CARDINALITY (bytes_to_hex_digits));
+static_assert (MAX_INTEGRAL_TYPE_SIZE < ARRAY_CARDINALITY (bytes_to_hex_digits));

 /* Make sure the other arrays have the same length.  */
-verify (sizeof bytes_to_oct_digits == sizeof bytes_to_signed_dec_digits);
-verify (sizeof bytes_to_oct_digits == sizeof bytes_to_unsigned_dec_digits);
-verify (sizeof bytes_to_oct_digits == sizeof bytes_to_hex_digits);
+static_assert (sizeof bytes_to_oct_digits == sizeof bytes_to_signed_dec_digits);
+static_assert (sizeof bytes_to_oct_digits
+               == sizeof bytes_to_unsigned_dec_digits);
+static_assert (sizeof bytes_to_oct_digits == sizeof bytes_to_hex_digits);

 /* Convert enum size_spec to the size of the named type.  */
 static const int width_bytes[] =
@ -162,7 +163,7 @@ static const int width_bytes[] =

 /* Ensure that for each member of 'enum size_spec' there is an
   initializer in the width_bytes array.  */
-verify (ARRAY_CARDINALITY (width_bytes) == N_SIZE_SPECS);
+static_assert (ARRAY_CARDINALITY (width_bytes) == N_SIZE_SPECS);

 /* Names for some non-printing characters.  */
 static char const charname[33][4] =
--- a/src/seq.c
+++ b/src/seq.c
@ -476,7 +476,7 @@ seq_fast (char const *a, char const *b, uintmax_t step)
 #define INITIAL_ALLOC_DIGITS 31
  size_t inc_size = MAX (MAX (p_len + 1, q_len), INITIAL_ALLOC_DIGITS);
  /* Ensure we only increase by at most 1 digit at buffer boundaries.  */
-  verify (SEQ_FAST_STEP_LIMIT_DIGITS < INITIAL_ALLOC_DIGITS - 1);
+  static_assert (SEQ_FAST_STEP_LIMIT_DIGITS < INITIAL_ALLOC_DIGITS - 1);

  /* Copy input strings (incl NUL) to end of new buffers.  */
  char *p0 = xmalloc (inc_size + 1);
--- a/src/shred.c
+++ b/src/shred.c
@ -108,7 +108,7 @@ enum { VERBOSE_UPDATE = 5 };
   The size must be a power of 2.  */
 enum { SECTOR_SIZE = 512 };
 enum { SECTOR_MASK = SECTOR_SIZE - 1 };
-verify (0 < SECTOR_SIZE && (SECTOR_SIZE & SECTOR_MASK) == 0);
+static_assert (0 < SECTOR_SIZE && (SECTOR_SIZE & SECTOR_MASK) == 0);

 enum remove_method
 {
@ -410,7 +410,7 @@ dopass (int fd, struct stat const *st, char const *qname, off_t *sizep,
  size_t page_size = getpagesize ();
 #define PERIODIC_OUTPUT_SIZE (60 * 1024)
 #define NONPERIODIC_OUTPUT_SIZE (64 * 1024)
-  verify (PERIODIC_OUTPUT_SIZE % 3 == 0);
+  static_assert (PERIODIC_OUTPUT_SIZE % 3 == 0);
  size_t output_size = periodic_pattern (type)
                       ? PERIODIC_OUTPUT_SIZE : NONPERIODIC_OUTPUT_SIZE;
 #define FILLPATTERN_SIZE (((output_size + 2) / 3) * 3) /* Multiple of 3 */
@ -512,8 +512,8 @@ dopass (int fd, struct stat const *st, char const *qname, off_t *sizep,
                     code works because lim is always a multiple of
                     SECTOR_SIZE, except at the end.  This size constraint
                     also enables direct I/O on some (file) systems.  */
-                  verify (PERIODIC_OUTPUT_SIZE % SECTOR_SIZE == 0);
-                  verify (NONPERIODIC_OUTPUT_SIZE % SECTOR_SIZE == 0);
+                  static_assert (PERIODIC_OUTPUT_SIZE % SECTOR_SIZE == 0);
+                  static_assert (NONPERIODIC_OUTPUT_SIZE % SECTOR_SIZE == 0);
                  if (errnum == EIO && known (size)
                      && (soff | SECTOR_MASK) < lim)
                    {
--- a/src/sort.c
+++ b/src/sort.c
@ -110,7 +110,7 @@ struct rlimit { size_t rlim_cur; };
   than with --parallel=1.  By contrast, using --parallel=1 is about 10%
   faster than using --parallel=2 with a 64K-line input.  */
 enum { SUBTHREAD_LINES_HEURISTIC = 128 * 1024 };
-verify (4 <= SUBTHREAD_LINES_HEURISTIC);
+static_assert (4 <= SUBTHREAD_LINES_HEURISTIC);

 /* The number of threads after which there are
   diminishing performance gains.  */
--- a/src/stat.c
+++ b/src/stat.c
@ -878,9 +878,10 @@ print_statfs (char *pformat, size_t prefix_len, MAYBE_UNUSED char mod, char m,
        uintmax_t fsid = statfsbuf->f_fsid;
 #else
        typedef unsigned int fsid_word;
-        verify (alignof (STRUCT_STATVFS) % alignof (fsid_word) == 0);
-        verify (offsetof (STRUCT_STATVFS, f_fsid) % alignof (fsid_word) == 0);
-        verify (sizeof statfsbuf->f_fsid % alignof (fsid_word) == 0);
+        static_assert (alignof (STRUCT_STATVFS) % alignof (fsid_word) == 0);
+        static_assert (offsetof (STRUCT_STATVFS, f_fsid) % alignof (fsid_word)
+                       == 0);
+        static_assert (sizeof statfsbuf->f_fsid % alignof (fsid_word) == 0);
        fsid_word const *p = (fsid_word *) &statfsbuf->f_fsid;

        /* Assume a little-endian word order, as that is compatible