I got the impression that linus wanted two opposite things:
1) every possible bug made to scream out loud until the author
paid special attention to it and put it to bed with a
soothing declaration
2) completely bona fide promotions made to go silent and not
warn at all.
I don't see how he can really see 3arg_min/max as satisfying (2), since
the author will have to look at each and every existing min/max to
decide on a type with which to frontload the new min/max. So I felt
justified in mostly ignoring (2).
On the other hand, he did say something about -Wsignedstuff being too
verbose, so I'm not sure. Maybe the -W really does make noise about
some compares that wouldn't be flagged by the two constraints I
suggested? If so, perhaps that was what he wanted: a weaker and
more closely controlled -Wsignedgunggg.
> only problem seems to be signed/unsigned int comparison.
I don't know how you know that! You could be right - I don't know.
I haven't seen a tight enough specification of the basic problem
for me to be able to begin to formulate a generic solution. I've just
seen some examples, some more convincing than others.
> > const (typeof(a)) _a = ~(typeof(a))0
> > const (typeof(b)) _b = ~(typeof(b))0
> > if _a < 0 && _b > 0 || _a > 0 && b < 0
> > BUG() // one signed, the other unsigned
> > standard_max(a,b)
>
> if sizeof(typeof(a))==sizeof(int) && sizeof(typeof(b))==sizeof(int) &&
> ( _a < 0 && _b > 0 || _a > 0 && b < 0 )
> BUG() // signed unsigned int compare
What makes sizeof(int) so magic? Are you saying that the problems
don't arise between signed long long and unsigned long long? I saw
an example that seemed generic for all signed unsigned comparisons,
namely that signed int and unsigned int are compared as unsigned, so
(unsigned)2 < (signed)-1. Are you saying that signed long and unsigned
long are NOT compared as unsigned iff sizeof(long) != sizeof(int).
Woooo! Who wrote the C spec? No kidding? There is a special clause
for comparisons that use the native machine word?
And I was hoping that somebody could produce some gcc magic
replacement for BUG() that means "don't compile me". Perhaps
a bit of illegal assembler code with a line reference in?
Surely gcc must have something like __builtin_wont_compile()?
It just needs to be a leaf of the RTL that evokes a compile error.
Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/