util/format: add lower-bound assert on format

The generated util_format_description(), util_format_pack_description(), and util_format_unpack_description_generic() helpers assert format < PIPE_FORMAT_COUNT but not format >= 0. MSVC's prefast static analyzer reports C33010 (UNCHECKED_LOWER_BOUND_FOR_ENUMINDEX) on the subsequent array subscript, since it cannot prove the non-negative side of the bound. Extending the existing assert in the generator silences the warning across all three accessors. Reviewed-by: Jesse Natalie <jenatali@microsoft.com> Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/41447>
2026-05-19 15:48:19 +02:00 · 2026-05-08 15:36:13 -07:00 · 2026-05-08 15:36:13 -07:00 · f9e7b9568b
commit f9e7b9568b
parent 3ef1db42c7
1 changed files with 1 additions and 1 deletions
--- a/src/util/format/u_format_table.py
+++ b/src/util/format/u_format_table.py
@ -597,7 +597,7 @@ def write_format_table(formats):
        print("ATTRIBUTE_RETURNS_NONNULL const struct util_format_%sdescription *" % type)
        print("util_format_%sdescription%s(enum pipe_format format)" % (type, suffix))
        print("{")
-        print("   assert(format < PIPE_FORMAT_COUNT);")
+        print("   assert(format >= 0 && format < PIPE_FORMAT_COUNT);")
        print("   return &util_format_%sdescriptions[format];" % (type))
        print("}")
        print()