From: "Peter T. Breuer" <ptb@it.uc3m.es>
To: gordo@pincoya.com
Cc: "linux kernel" <linux-kernel@vger.kernel.org>
Subject: Re: [IDEA+RFC] Possible solution for min()/max() war
Date: Fri, 31 Aug 2001 03:19:58 +0200 (MET DST) [thread overview]
Message-ID: <200108310119.f7V1Jws18144@oboe.it.uc3m.es> (raw)
In-Reply-To: <20010830174227.A10673@furble> from "Gordon Oliver" at "Aug 30, 2001 05:42:27 pm"
"A month of sundays ago Gordon Oliver wrote:"
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
> On 2001.08.30 16:27 Peter T. Breuer wrote:
> > Possibly. I have little clue as to the real extent of the problem.
>
> You've missed the _vast_ majority of the real problems. And there is
> no way to fix some of them...
> - if the sizeof the arguments is the same, it is a bug to have
> signed vs. unsigned.
That's caught by the solution proposed.
> - if the sizeof the arguments is different, it is a bug to have
> the _larger_ argument unsigned.
This can't be caught at compile time.
> - if one of the arguments is a constant, typeof will give you
> a mostly arbitrary value, making { unsigned int i,j; j = max(i,5);}
> return a bug.
?? I don't follow this at all. Typeof is deterministic, since the
gcc computer program is deterministic. Typeof MUST return the type of
the expression to which it applies. All expressions in C have
precisely computed types -I guess what you are saying is that that
the type of an expression may be context dependent, which I can easily
imagine in a random computer language, but seriously doubt for C.
C really does type calculations via narrowing :-o! Oh yeah!
Show me an instance of an expression that two differnt types depending
on context. I am prepared to be surprised, but dubious.
(umm ... what type is the "5" in "(short)5" ?? Why, signed integer, I
believe. It's truncated to short, modulo a language lawyer's second
opinion).
> - not forcing the person to actually set the type of the argument
> will allow things like
> {
> int user_land_value, buffer_size;
Nice integers.
> user_land_value = magic_from_user_land();
signed integer value.
> buffer_size = min(user_land_value, 10);
well, 10 is a signed integer constant. AFAIK you'd have to write "10u"
to get an unsigned integer constant. And yes, the latter would be
caught by my solution.
> buffer = memcpy(some_place, some_other_place, buffer_size); /* BOOM
> */
> }
> to not show a bug at all (10 is signed).
I see no bug.
There would be a bug if 10u were used and user_land_value were negative,
since then the result of min would be 10u (and this bug would be flagged
by my solution). But as things are, the result is user_land_value.
I just checked.
> Please, can we take this off of lkml... (btw, see the attached file
> for the bugs).
Are you SURE you can find the bugs! :-)
Peter
next parent reply other threads:[~2001-08-31 1:20 UTC|newest]
Thread overview: 158+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20010830174227.A10673@furble>
2001-08-31 1:19 ` Peter T. Breuer [this message]
2001-08-31 2:10 ` [IDEA+RFC] Possible solution for min()/max() war Peter T. Breuer
2001-08-31 7:43 ` Jonathan Lundell
2001-08-31 8:27 ` Alex Bligh - linux-kernel
[not found] <m2bskndlkt.fsf@sympatico.ca>
2001-09-07 17:39 ` Peter T. Breuer
2001-09-06 1:51 Rick Hohensee
2001-09-06 10:12 ` VDA
-- strict thread matches above, loose matches on Subject: below --
2001-09-04 13:17 Petr Vandrovec
2001-09-04 9:09 VDA
2001-09-03 23:16 David desJardins
2001-09-03 20:35 David desJardins
2001-09-04 8:08 ` VDA
[not found] <fa.eeq0k8v.1v28iaa@ifi.uio.no>
2001-08-31 18:40 ` Ted Unangst
2001-08-31 18:29 Andy Chou
2001-08-31 18:52 ` Roman Zippel
2001-08-31 18:24 Herbert Rosmanith
2001-08-31 18:13 Herbert Rosmanith
2001-08-31 17:41 Herbert Rosmanith
2001-08-31 17:57 ` Rik van Riel
[not found] <fa.ehba65v.10i6abc@ifi.uio.no>
[not found] ` <fa.odqvefv.g4k4j6@ifi.uio.no>
2001-08-31 15:45 ` ctm
2001-08-31 16:57 ` Roman Zippel
2001-08-31 14:28 Herbert Rosmanith
2001-08-31 14:37 ` Herbert Rosmanith
2001-08-31 14:28 Martin Knoblauch
2001-08-31 2:48 Rick Hohensee
2001-08-31 2:34 Andy Chou
[not found] <791753058.999219857@[169.254.198.40]>
2001-08-31 0:57 ` Peter T. Breuer
2001-08-30 20:44 Herbert Rosmanith
2001-08-30 21:06 ` Peter T. Breuer
2001-08-30 21:14 ` David Woodhouse
2001-08-30 21:32 ` Peter T. Breuer
2001-08-30 21:47 ` David Woodhouse
2001-08-30 21:56 ` Peter T. Breuer
2001-08-30 22:13 ` David Woodhouse
2001-08-30 22:47 ` Peter T. Breuer
2001-08-30 23:02 ` David Woodhouse
2001-08-31 0:08 ` Daniel Phillips
2001-08-30 21:49 ` Mark Zealey
2001-08-30 22:06 ` Peter T. Breuer
2001-08-30 22:14 ` Mark Zealey
2001-08-31 7:04 ` Herbert Rosmanith
2001-08-30 21:17 ` Richard B. Johnson
2001-08-30 21:45 ` Thomas Dodd
2001-08-30 21:46 ` Peter T. Breuer
2001-08-30 23:16 ` David Woodhouse
2001-08-30 23:33 ` David Wagner
2001-08-31 11:18 ` Bernd Schmidt
2001-08-30 20:35 Herbert Rosmanith
2001-08-30 17:32 mike_phillips
2001-08-30 17:45 ` Ion Badulescu
2001-08-30 9:56 Herbert Rosmanith
2001-08-30 13:09 ` Helge Hafting
[not found] <200108291905.f7TJ59T11456@wildsau.idv-edu.uni-linz.ac.at>
2001-08-29 19:11 ` Herbert Rosmanith
2001-08-29 1:33 Ignacio Vazquez-Abrams
[not found] <200108281746.f7SHk1O27199@lists.us.dell.com>
2001-08-28 19:33 ` Brad Chapman
2001-08-28 19:02 ` David Lang
2001-08-28 20:38 ` Brad Chapman
2001-08-28 19:25 ` David Lang
2001-08-28 20:34 ` Andreas Schwab
2001-08-28 20:42 ` Brad Chapman
2001-08-28 21:04 ` Christopher Friesen
2001-08-29 9:03 ` Helge Hafting
[not found] <20010825024248.J8296@router.ranmachan.dyndns.org>
2001-08-25 0:54 ` Brad Chapman
[not found] <20010825021651.I8296@router.ranmachan.dyndns.org>
2001-08-25 0:21 ` Brad Chapman
2001-08-24 22:42 Brad Chapman
2001-08-24 23:21 ` Ben LaHaise
2001-08-24 23:58 ` Brad Chapman
2001-08-25 0:13 ` Alexander Viro
2001-08-25 0:25 ` Brad Chapman
2001-08-25 0:34 ` Alexander Viro
2001-08-25 0:53 ` Brad Chapman
2001-08-25 1:15 ` Alexander Viro
2001-08-25 11:21 ` Brad Chapman
2001-08-27 0:02 ` Rusty Russell
2001-08-28 4:59 ` Linus Torvalds
2001-08-28 5:20 ` Alexander Viro
2001-08-28 5:51 ` Linus Torvalds
2001-08-28 11:10 ` Alan Cox
2001-08-28 14:15 ` Linus Torvalds
2001-08-28 20:06 ` John Alvord
2001-08-28 12:42 ` Roman Zippel
2001-08-28 13:27 ` Linus Torvalds
2001-08-28 14:19 ` Roman Zippel
2001-08-28 15:14 ` Linus Torvalds
2001-08-28 15:44 ` Henning P. Schmiedehausen
2001-08-28 15:55 ` Russell King
2001-08-28 16:05 ` Alan Cox
2001-08-28 16:53 ` Roman Zippel
2001-08-28 16:39 ` Roman Zippel
2001-08-28 21:51 ` Mike Castle
2001-08-29 0:33 ` Daniel Phillips
2001-08-29 1:13 ` Linus Torvalds
2001-08-29 15:42 ` Daniel Phillips
2001-08-29 16:02 ` David Lang
2001-08-29 23:49 ` Daniel Phillips
2001-08-30 2:05 ` Bill Rugolsky Jr.
2001-08-30 3:28 ` Linus Torvalds
2001-08-30 13:10 ` Ion Badulescu
2001-08-30 13:17 ` David Woodhouse
2001-08-30 13:26 ` Ion Badulescu
2001-08-30 16:09 ` Linus Torvalds
2001-08-30 16:28 ` Ion Badulescu
2001-08-31 12:50 ` Jamie Lokier
2001-08-31 13:45 ` Roman Zippel
2001-08-31 16:27 ` Jamie Lokier
2001-08-30 16:31 ` Ben LaHaise
2001-08-30 16:38 ` Peter T. Breuer
2001-08-30 19:51 ` David Weinehall
2001-08-30 20:16 ` Peter T. Breuer
2001-08-30 20:31 ` Daniel Phillips
[not found] ` <mit.lcs.mail.linux-kernel/200108301638.SAA04923@nbd.it.uc3m.es>
2001-08-30 22:42 ` Patrick J. LoPresti
2001-08-30 23:27 ` Peter T. Breuer
2001-08-31 0:55 ` Linus Torvalds
2001-08-31 1:28 ` Peter T. Breuer
2001-08-31 13:22 ` Peter T. Breuer
2001-08-31 14:02 ` Linus Torvalds
2001-08-31 15:34 ` Peter T. Breuer
2001-08-31 12:01 ` Roman Zippel
2001-08-31 12:13 ` Peter T. Breuer
2001-08-31 12:58 ` Roman Zippel
2001-08-31 13:29 ` Peter T. Breuer
2001-08-31 14:12 ` Roman Zippel
2001-08-31 14:28 ` Peter T. Breuer
2001-08-31 16:30 ` Roman Zippel
2001-09-07 0:52 ` Bill Pringlemeir
2001-09-07 7:26 ` Peter T. Breuer
2001-09-07 12:28 ` Horst von Brand
2001-09-07 18:03 ` Mark H. Wood
2001-09-07 10:58 ` Peter T. Breuer
2001-09-07 14:39 ` Bill Pringlemeir
2001-09-07 15:17 ` Peter T. Breuer
2001-08-30 13:49 ` Roman Zippel
2001-08-30 16:21 ` Linus Torvalds
2001-08-30 16:41 ` Christopher Friesen
2001-08-30 16:50 ` Linus Torvalds
2001-08-30 17:13 ` Roman Zippel
2001-08-31 1:28 ` Ion Badulescu
2001-08-31 5:08 ` Linus Torvalds
2001-08-31 12:37 ` Jamie Lokier
2001-08-31 13:54 ` Linus Torvalds
2001-08-30 17:01 ` Daniel Phillips
2001-08-30 17:03 ` Peter T. Breuer
2001-08-30 17:26 ` Daniel Phillips
2001-08-31 8:04 ` Kai Henningsen
2001-08-30 21:16 ` Graham Murray
2001-08-30 21:47 ` David Weinehall
2001-08-31 10:10 ` Helge Hafting
[not found] ` <mit.lcs.mail.linux-kernel/m266b51c5c.fsf@barnowl.demon.co.uk>
2001-08-30 22:26 ` Patrick J. LoPresti
2001-08-28 16:09 ` Andreas Schwab
2001-08-28 16:47 ` Roman Zippel
2001-08-28 17:12 ` Bill Rugolsky Jr.
2001-08-28 17:28 ` Roman Zippel
2001-08-28 17:29 ` Richard B. Johnson
2001-08-26 17:59 ` Bill Pringlemeir
2001-08-24 23:59 ` Brad Chapman
2001-08-25 0:07 ` David S. Miller
2001-08-25 0:18 ` Brad Chapman
2001-08-25 0:23 ` David S. Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200108310119.f7V1Jws18144@oboe.it.uc3m.es \
--to=ptb@it.uc3m.es \
--cc=gordo@pincoya.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).