[PATCH] debug: fix BUILD_BUG_ON() for non-constant expressions

From: Ingo Molnar
Date: Sun Aug 17 2008 - 06:33:35 EST



* Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:

> On Sat, 16 Aug 2008, Rusty Russell wrote:
> >
> > Interesting idea, but I've come to actually like the semantic explicitness of
> > BUILD_BUG_ON. There's a difference between "we should never get here"
> > and "this should never exist".
>
> Agreed. I think Alexey's patch is broken.
>
> The thing is, BUILD_BUG_ON() is a different thing. It says "this is a
> build error", while BUG_ON() says "this is an error if we reach it".
>
> Very different.

agreed.

There's one aspect of BUILD_BUG_ON() that is quite dangerous though: it
does not 'upgrade' into a runtime check if an expression is not
constant. And it does not warn either. So BUILD_BUG_ON() can degrade
into a no-op very silently, and that is inherently dangerous.

That aspect bit me once: I added a BUILD_BUG_ON() under the assumption
that it would catch a mis-sized virtual memory sizing detail in
arch/x86/, but it just remained silent.

To fix these problems I've added the two commits below to tip/core/debug
[one to extend BUILD_BUG_ON, one to clean up its location] - any
objections against that direction? I've started testing it through to
make sure we don't have any stale non-constant BUILD_BUG_ON() instances
around.

( Note, I have not changed BUILD_BUG_ON_ZERO() because that is used in
structure initializers so no comma expression can be used in them.
Such structure initializers won't allow non-constant expressions
anyway, so there's not much extra value in checking for that. )

( Note #2, BUILD_BUG_ON() had to remain a macro, so that
__builtin_constant_expression_p() can do its work. )

Ingo
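The silent degradation described in the mail, and a macro that upgrades into a runtime check instead, shown as an added C example that is not the mail's or the tip tree's own code. It assumes GCC's __builtin_constant_p(), a constructed DEMO_MAX_ORDER limit, and a hit counter standing in for BUG_ON() so the fallback can be observed.

```c
#include <stdint.h>
#include <stdio.h>

/* Classic kernel form: a true constant condition yields char[-1], a build
 * error; a non-constant condition makes it a VLA and checks nothing. */
#define BUILD_BUG_ON_CLASSIC(cond) ((void)sizeof(char[1 - 2 * !!(cond)]))

/* Hypothetical upgraded form (this example's own, not the tip commit):
 * build-time check when GCC can fold the expression, runtime check
 * otherwise. The runtime path counts hits instead of calling BUG_ON() so a
 * test can observe it. It must stay a macro: __builtin_constant_p() needs
 * the expression itself, not a function argument. */
static int build_bug_runtime_hits;
#define BUILD_BUG_ON_UPGRADED(cond)                    \
    do {                                               \
        if (__builtin_constant_p(cond))                \
            ((void)sizeof(char[1 - 2 * !!(cond)]));    \
        else if (cond)                                 \
            build_bug_runtime_hits++;                  \
    } while (0)

#define DEMO_MAX_ORDER 11u             /* constructed limit for the demo */
struct demo_hdr { uint32_t lo, hi; };  /* constructed 8-byte header */

/* Read through a volatile slot so the compiler cannot fold the value. */
static unsigned int runtime_value(unsigned int v) { volatile unsigned int s = v; return s; }

/* Always returns 0: the classic macro never fires on a runtime value. */
int classic_check(unsigned int order)
{
    BUILD_BUG_ON_CLASSIC(runtime_value(order) > DEMO_MAX_ORDER);
    return 0;
}
/* Returns 1 when the runtime fallback catches the violation, else 0. */
int upgraded_check(unsigned int order)
{
    int before = build_bug_runtime_hits;
    BUILD_BUG_ON_UPGRADED(runtime_value(order) > DEMO_MAX_ORDER);
    return build_bug_runtime_hits - before;
}
/* Constant expression, checked at build time; returns the header size.
 * Making demo_hdr 9 bytes would turn this into a compile error. */
size_t constant_check(void)
{
    BUILD_BUG_ON_UPGRADED(sizeof(struct demo_hdr) != 8);
    return sizeof(struct demo_hdr);
}
int main(void)
{
    printf("classic=%d upgraded=%d hdr=%zu\n", classic_check(12),
           upgraded_check(12), constant_check());
    return 0;
}
```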