fix(emit_c): use NULL directly when no expressions (static initializer constexpr)

tbitcs · oz-agent · tbitcs · commit 18ababbc1d58 · 2026-06-01T07:20:25.000-04:00
A C static initializer can only use constant expressions. An array name
(e.g. model_expressions[]) is a constant address and legal; but a pointer
variable (const expr_def *ptr = NULL) is NOT a constant expression and
cannot appear as a field value in a static struct initializer.

Fix: when model.expressions is empty, emit nothing for the array and
use NULL literally in the ARBITER_generated_model struct initializer.
When expressions exist, emit the model_expressions[] array as before.

Also regenerated all 19 arbiter_model.{c,h} files with the fixed emitter.

Test added: test_emit_c_no_exprs_uses_null_directly verifies that empty-
expression models emit '.expressions = NULL' and no array declaration.

Co-Authored-By: Oz &lt;oz-agent@warp.dev&gt;
diff --git a/python/arbiter/emit_c.py b/python/arbiter/emit_c.py
@@ -219,7 +219,9 @@ def emit_c_source(model: CanonicalModel, header_name: str = "arbiter_model.h",
     lines.append("};")
     lines.append("")
 
-    # Expressions table
+    # Expressions table — only emit the array when there are entries.
+    # Never emit a pointer variable: a pointer's value is not a constant
+    # expression in C, so it cannot be used in a static struct initializer.
     expressions = getattr(model, "expressions", [])
     if expressions:
         lines.append("static const struct ARBITER_expr_def model_expressions[] = {")
@@ -235,9 +237,8 @@ def emit_c_source(model: CanonicalModel, header_name: str = "arbiter_model.h",
                 f".scale = {e['scale']} }},"
             )
         lines.append("};")
-    else:
-        lines.append("static const struct ARBITER_expr_def *model_expressions = NULL;")
-    lines.append("")
+        lines.append("")
+    # If no expressions, we emit nothing here and use NULL directly below.
 
     # Mode names
     if model.modes and emit_trace_strings:
@@ -257,6 +258,7 @@ def emit_c_source(model: CanonicalModel, header_name: str = "arbiter_model.h",
     schema_bytes = ", ".join(f"0x{schema_hex[j:j+2]}" for j in range(0, 64, 2))
 
     expr_count_total = len(getattr(model, "expressions", []))
+    exprs_field = "model_expressions" if expressions else "NULL"
     lines.extend([
         "const struct ARBITER_model ARBITER_generated_model = {",
         f'\t.name = "{model.name}",',
@@ -272,7 +274,7 @@ def emit_c_source(model: CanonicalModel, header_name: str = "arbiter_model.h",
         "\t.rules = model_rules,",
         "\t.conditions = model_conditions,",
         "\t.actions = model_actions,",
-        "\t.expressions = model_expressions,",
+        f"\t.expressions = {exprs_field},",
         "\t.mode_names = model_mode_names,",
         "};",
         "",
diff --git a/samples/battery_policy/src/arbiter_model.c b/samples/battery_policy/src/arbiter_model.c
@@ -32,8 +32,6 @@ static const struct ARBITER_rule_def model_rules[] = {
 	{ .id = 3, .rule_class = ARBITER_RULE_SAFETY_GUARD, .condition_start = 4, .condition_count = 2, .action_start = 0, .action_count = 1, .expr_start = 0, .expr_count = 0, .safety_goal_id = UINT16_MAX, .set_mode = 4, .safety_critical = true, .name = "rule.thermal_shutdown", .explanation = "Temperature out of safe range." },
 };
 
-static const struct ARBITER_expr_def *model_expressions = NULL;
-
 static const char *model_mode_names[] = {
 	"mode.charging",
 	"mode.critical",
@@ -56,6 +54,6 @@ const struct ARBITER_model ARBITER_generated_model = {
 	.rules = model_rules,
 	.conditions = model_conditions,
 	.actions = model_actions,
-	.expressions = model_expressions,
+	.expressions = NULL,
 	.mode_names = model_mode_names,
 };
diff --git a/samples/hydraulic_press/src/arbiter_model.c b/samples/hydraulic_press/src/arbiter_model.c
@@ -56,8 +56,6 @@ static const struct ARBITER_rule_def model_rules[] = {
 	{ .id = 7, .rule_class = ARBITER_RULE_SAFETY_GUARD, .condition_start = 14, .condition_count = 2, .action_start = 1, .action_count = 1, .expr_start = 0, .expr_count = 0, .safety_goal_id = UINT16_MAX, .set_mode = 5, .safety_critical = true, .name = "rule.twohand_release", .explanation = "Two-hand control released — operator may be in zone." },
 };
 
-static const struct ARBITER_expr_def *model_expressions = NULL;
-
 static const char *model_mode_names[] = {
 	"mode.approach",
 	"mode.estop",
@@ -85,6 +83,6 @@ const struct ARBITER_model ARBITER_generated_model = {
 	.rules = model_rules,
 	.conditions = model_conditions,
 	.actions = model_actions,
-	.expressions = model_expressions,
+	.expressions = NULL,
 	.mode_names = model_mode_names,
 };
diff --git a/tests/python/test_emit_c.py b/tests/python/test_emit_c.py
@@ -200,8 +200,9 @@ def test_emit_c_rules_have_expr_start_and_count():
     assert ".expr_count = 1" in src
 
 
-def test_emit_c_no_exprs_emits_null_pointer():
-    """A model with no compute expressions should emit a NULL pointer."""
+def test_emit_c_no_exprs_uses_null_directly():
+    """When there are no expressions, the model struct must use NULL directly
+    (not a pointer variable — pointer variables are not constant expressions)."""
     data = {
         "arb_version": 0.1,
         "model": "no_exprs",
@@ -215,7 +216,9 @@ def test_emit_c_no_exprs_emits_null_pointer():
     }
     model = canonicalize(data)
     src = emit_c_source(model)
-    assert "model_expressions = NULL" in src
+    # The array symbol must not be declared when empty (pointer var is not constexpr).
+    assert "model_expressions[]" not in src
+    assert ".expressions = NULL" in src
     assert ".expr_count = 0" in src
 
 
