Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932193AbXBSMRY (ORCPT ); Mon, 19 Feb 2007 07:17:24 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S932194AbXBSMRY (ORCPT ); Mon, 19 Feb 2007 07:17:24 -0500 Received: from javad.com ([216.122.176.236]:2417 "EHLO javad.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932193AbXBSMRX (ORCPT ); Mon, 19 Feb 2007 07:17:23 -0500 From: Sergei Organov To: Bodo Eggert <7eggert@gmx.de> Cc: Linus Torvalds , =?utf-8?B?Si5BLiBN?= =?utf-8?B?YWdhbGzDg8ODw4PDgsKzbg==?= , Jan Engelhardt , Jeff Garzik , Linux Kernel Mailing List , Andrew Morton Subject: Re: somebody dropped a (warning) bomb References: <7Mj5f-3oz-21@gated-at.bofh.it> <7MktH-5EW-35@gated-at.bofh.it> <7Mmvy-vj-17@gated-at.bofh.it> <7MnBC-2fk-13@gated-at.bofh.it> <7MoQx-4p8-11@gated-at.bofh.it> <7MpjE-50z-7@gated-at.bofh.it> <7MpCS-5Fe-9@gated-at.bofh.it> <7MDd7-17w-1@gated-at.bofh.it> <7MGkB-62k-31@gated-at.bofh.it> <7NHoe-2Mb-37@gated-at.bofh.it> <7NMe9-1ZN-7@gated-at.bofh.it> <7Oagl-6bO-1@gated-at.bofh.it> <7ObvW-89N-23@gated-at.bofh.it> <7Oc8t-NS-1@gated-at.bofh.it> <87zm7ei836.fsf@javad.com> Date: Mon, 19 Feb 2007 15:17:03 +0300 In-Reply-To: (Bodo Eggert's message of "Fri, 16 Feb 2007 18:40:02 +0100 (CET)") Message-ID: <87ejomgx4w.fsf@javad.com> User-Agent: Gnus/5.110006 (No Gnus v0.6) XEmacs/21.4.19 (linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2293 Lines: 72 Bodo Eggert <7eggert@gmx.de> writes: > On Fri, 16 Feb 2007, Sergei Organov wrote: [...] > I'll say it again: Either the code using unspecified chars is correct, or > it isn't. If it's correct, neither using with signed nor with unsigned > chars is a bug and you should not warn at all, and if it's not correct, > you should always warn. Instead, gcc warns on "code compiles for > $arch". Here is where we disagree. In my opinion, no matter what the sign of char for given architecture is, it's incorrect to pass either "signed char*" or "unsigned char*" argument to a function expecting "char*". >> > Therefore it's either always wrong to call your char* function with char*, >> > unsigned char* _and_ signed char unless you can guarantee not to overflow any >> > of them, or it's always correct to call char* functions with any kind >> > of these. >> >> How are you sure those who wrote foo(char*) agrees with your opinion or >> even understands all the involved issues? > > Let's asume we have this piece of buggy code. We compile it on an unsigned > char architecture. No warning. *BOOM* There should be warning, -- that's my point. "char" is different. "char" is distinct from either "signed char" or "unsigned char". Always. At least it's how C is defined. > Let's asume there is correct code, and we use it as designed: > Warning: Wrong arch > Warning: Wrong arch > Warning: Wrong arch > Warning: real issue > Warning: Wrong arch > Warning: Wrong arch > Warning: Wrong arch > Warning: Wrong arch > > Warning: Wrong arch > Warning: Wrong arch > Warning: Wrong arch > Warning: Wrong arch > Warning: Wrong arch > > You don't see "real issue". *BOOM* > > > What can you do about this warning? Let's asume we cast everywhere: I already gave an answer in response to Linus: static inline size_t ustrlen(const unsigned char *s) { return strlen((const char *)s); } > > struct foo * p; > printf(strlen(char*)p); *BOOM* printf(ustrlen(p)); *NO BOOM* unsigned char* u; printf(ustrlen(u)); *NO WARNING* -- Sergei. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/