diff options
author | Roland McGrath <roland@gnu.org> | 2004-01-02 22:16:49 +0000 |
---|---|---|
committer | Roland McGrath <roland@gnu.org> | 2004-01-02 22:16:49 +0000 |
commit | a28a0500c08d9ca3930e1282c2aba3161c403e2f (patch) | |
tree | 32ce5fffc4d167be9fe902ec634de2f7ad1685da | |
parent | 56b168be5d3d56f8a729acfb5072e0eca429157e (diff) | |
download | glibc-a28a0500c08d9ca3930e1282c2aba3161c403e2f.tar glibc-a28a0500c08d9ca3930e1282c2aba3161c403e2f.tar.gz glibc-a28a0500c08d9ca3930e1282c2aba3161c403e2f.tar.bz2 glibc-a28a0500c08d9ca3930e1282c2aba3161c403e2f.zip |
2003-12-30 Paul Eggert <eggert@twinsun.com>
* time/mktime.c (verify): New macro.
(time_t_is_integer, twos_complement_arithmetic,
right_shift_propagates_sign, base_year_is_a_multiple_of_100,
C99_integer_division): Document these longstanding assumptions in the
code, and verify them at compile-time.
-rw-r--r-- | time/mktime.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/time/mktime.c b/time/mktime.c index 136984bad1..c91a84fce8 100644 --- a/time/mktime.c +++ b/time/mktime.c @@ -61,8 +61,19 @@ # define TIME_T_MAX TYPE_MAXIMUM (time_t) #endif -#define TM_YEAR_BASE 1900 +/* Verify a requirement at compile-time (unlike assert, which is runtime). */ +#define verify(name, assertion) struct name { char a[(assertion) ? 1 : -1]; } + +verify (time_t_is_integer, (time_t) 0.5 == 0); +verify (twos_complement_arithmetic, -1 == ~1 + 1); +verify (right_shift_propagates_sign, -1 >> 1 == -1); +/* The code also assumes that signed integer overflow silently wraps + around, but this assumption can't be stated without causing a + diagnostic on some hosts. */ + #define EPOCH_YEAR 1970 +#define TM_YEAR_BASE 1900 +verify (base_year_is_a_multiple_of_100, TM_YEAR_BASE % 100 == 0); #ifndef __isleap /* Nonzero if YEAR is a leap year (every 4 years, @@ -109,6 +120,8 @@ ydhms_tm_diff (int year, int yday, int hour, int min, int sec, return 1; else { + verify (C99_integer_division, -1 / 2 == 0); + /* Compute intervening leap days correctly even if year is negative. Take care to avoid int overflow. time_t overflow is OK, since only the low order bits of the correct time_t answer are needed. |