Date:      Sun, 6 Nov 2011 18:20:44 -0700
From:      Warner Losh <imp@bsdimp.com>
To:        Rui Paulo <rpaulo@FreeBSD.org>
Cc:        Alexander Best <arundel@FreeBSD.org>, freebsd-toolchain@FreeBSD.org, Dimitry Andric <dim@FreeBSD.org>
Subject:   Re: [poc] buildkernel + clang + -Werror
Message-ID:  <3AE02E7D-A4BD-492D-97E4-9BA7538ECE89@bsdimp.com>
In-Reply-To: <D33B52AF-854F-4FEB-A5DC-878017116C78@FreeBSD.org>
References:  <20111105102102.GA54596@freebsd.org> <20111106172835.GO2258@hoeg.nl> <20111106203316.GA73216@freebsd.org> <4EB6F38E.2080006@FreeBSD.org> <20111106205805.GA78142@freebsd.org> <C7A0F95A-0F55-47BF-AD60-66DDAEEC3EC7@FreeBSD.org> <242747B7-3EAE-4988-A975-DC58B0997A6F@bsdimp.com> <D33B52AF-854F-4FEB-A5DC-878017116C78@FreeBSD.org>


On Nov 6, 2011, at 5:47 PM, Rui Paulo wrote:

> On Nov 6, 2011, at 4:36 PM, Warner Losh wrote:
> 
>> On Nov 6, 2011, at 2:13 PM, Rui Paulo wrote:
>>> The only argument against this tautological check that I agree with
>>> is when the code is explicitly trying to be safe. If the developer
>>> checks for "i < 0" when indexing an array he/she is trying to guard
>>> against possible pitfalls in the future when someone suddenly decides
>>> to change the variable type to become signed. One possible security
>>> vulnerability was avoided because that developer checked for negative
>>> values.
>>> I'm against turning this off by default, but it should not cause an
>>> error.
>> 
>> Except when you pass args back and forth between signed and unsigned
>> and back again.  If you check < 0 in the middle, that's one more
>> security bug you thought you had fixed, but really you've done nothing
>> with.
> 
> 
> Of course, but in the context of the compiler checks this argument
> doesn't apply.

It is also useful for code where the default differs from system to
system.  For example, char is signed on some architectures, and
unsigned on others.  This warning would expose cases where the < 0 check
was done for safety from those where it was done in error.

Warner
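The three points raised in this thread (the tautological `< 0` guard on an unsigned index, the guard that does nothing once a negative value has been converted to unsigned on the way in, and the platform-dependent signedness of plain `char`) are easy to show in a few lines. The following is an added example written for this archive page; it is not code from the thread, from FreeBSD, or from clang. The table, the function names and the constructed inputs are all hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed lookup table for the example (not from the thread). */
static const int table[4] = { 10, 20, 30, 40 };
#define TABLE_LEN (sizeof table / sizeof table[0])

/* The guard Rui describes, written against an unsigned index.  "i < 0" is
 * the tautological comparison the thread is about: clang and gcc (with
 * -Wtype-limits) warn that it is always false.  Returns 1 if the guard
 * would have rejected the index; it never does. */
int rejected_by_negative_check(unsigned i)
{
    return i < 0;   /* always 0: an unsigned value is never negative */
}

/* Warner's case: a signed value is converted to unsigned on the way in,
 * so -1 arrives as UINT_MAX.  The "< 0" guard cannot see it; only the
 * comparison against the table length catches it.  Returns the table
 * entry, or -1 when the index is out of bounds. */
int lookup_checked(int signed_idx)
{
    unsigned i = (unsigned)signed_idx;  /* the implicit conversion a call would do */
    if (rejected_by_negative_check(i))
        return -1;                      /* never reached */
    if (i >= TABLE_LEN)
        return -1;                      /* this is the check that actually matters */
    return table[i];
}

/* The char case: a byte with the top bit set read through plain char.
 * Where char is signed (e.g. amd64) this returns 1 and the "< 0" test is
 * meaningful; where char is unsigned (e.g. arm, powerpc) it returns 0 and
 * the same "< 0" test is tautological, which is exactly what the warning
 * distinguishes. */
int high_byte_is_negative(void)
{
    unsigned char raw = 0xFF;
    char c = (char)raw;
    return c < 0;
}

/* Portable way to learn the same thing without relying on the test. */
int char_is_signed(void)
{
    return CHAR_MIN < 0;
}

int main(void)
{
    printf("negative-check rejects UINT_MAX: %d\n",
           rejected_by_negative_check((unsigned)-1));
    printf("lookup_checked(2)  = %d\n", lookup_checked(2));
    printf("lookup_checked(-1) = %d\n", lookup_checked(-1));
    printf("lookup_checked(4)  = %d\n", lookup_checked(4));
    printf("char is signed here: %d (0xFF < 0: %d)\n",
           char_is_signed(), high_byte_is_negative());
    return 0;
}
```

Compile it once with `-Wall -Wextra` under clang and gcc: `rejected_by_negative_check` draws the tautological-compare warning everywhere, while `high_byte_is_negative` draws it only on the unsigned-char targets, which is the "safety versus error" split Warner describes. The out-of-bounds `-1` case is caught solely by the length comparison, so a reviewer should treat an `i < 0` on an unsigned index as a hint that the real check may be missing, not as the check itself.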


