That's caught by the solution proposed.
> - if the sizeof the arguments is different, it is a bug to have
> the _larger_ argument unsigned.
This can't be caught at compile time.
> - if one of the arguments is a constant, typeof will give you
> a mostly arbitrary value, making { unsigned int i,j; j = max(i,5);}
> return a bug.
?? I don't follow this at all. Typeof is deterministic, since the
gcc computer program is deterministic. Typeof MUST return the type of
the expression to which it applies. All expressions in C have
precisely computed types -I guess what you are saying is that that
the type of an expression may be context dependent, which I can easily
imagine in a random computer language, but seriously doubt for C.
C really does type calculations via narrowing :-o! Oh yeah!
Show me an instance of an expression that two differnt types depending
on context. I am prepared to be surprised, but dubious.
(umm ... what type is the "5" in "(short)5" ?? Why, signed integer, I
believe. It's truncated to short, modulo a language lawyer's second
opinion).
> - not forcing the person to actually set the type of the argument
> will allow things like
> {
> int user_land_value, buffer_size;
Nice integers.
> user_land_value = magic_from_user_land();
signed integer value.
> buffer_size = min(user_land_value, 10);
well, 10 is a signed integer constant. AFAIK you'd have to write "10u"
to get an unsigned integer constant. And yes, the latter would be
caught by my solution.
> buffer = memcpy(some_place, some_other_place, buffer_size); /* BOOM
> */
> }
> to not show a bug at all (10 is signed).
I see no bug.
There would be a bug if 10u were used and user_land_value were negative,
since then the result of min would be 10u (and this bug would be flagged
by my solution). But as things are, the result is user_land_value.
I just checked.
> Please, can we take this off of lkml... (btw, see the attached file
> for the bugs).
Are you SURE you can find the bugs! :-)
Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/