From: Jan Beulich <jbeulich@suse.com>
To: Ian Jackson <iwj@xenproject.org>
Cc: Wei Liu <wl@xen.org>, Anthony PERARD <anthony.perard@citrix.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
George Dunlap <george.dunlap@citrix.com>,
Julien Grall <julien@xen.org>,
Stefano Stabellini <sstabellini@kernel.org>,
xen-devel@lists.xenproject.org,
Manuel Bouyer <bouyer@antioche.eu.org>
Subject: Re: [PATCH] Fix error: array subscript has type 'char'
Date: Wed, 27 Jan 2021 09:31:48 +0100 [thread overview]
Message-ID: <2452d5cb-90ba-a4c4-a5e4-3070c5a676d2@suse.com> (raw)
In-Reply-To: <24592.22685.67161.585056@mariner.uk.xensource.com>
On 26.01.2021 18:59, Ian Jackson wrote:
> Manuel Bouyer writes ("Re: [PATCH] Fix error: array subscript has type 'char'"):
>> On Thu, Jan 14, 2021 at 03:16:15PM +0100, Manuel Bouyer wrote:
>>> On Thu, Jan 14, 2021 at 02:25:05PM +0100, Jan Beulich wrote:
>>>> Which means you're shifting the undefined-ness from the implementation
>
> The undefined-ness is in the *specification*. [1]
>
>>>> Isn't this something that wants changing in your ctype.h instead?
>>>> the functions (or macros), as per the C standard
>
> Jan, can you please check your facts before asserting the existence
> of a pretty blatant bug in a platform's implementation of basic C
> functions ?
>
> From my copy of C99+TC1+TC2, para 7.4:
>
> 1 In all cases the argument is an int, the value of which shall be
> representable as an unsigned char or shall equal the value of the
> macro EOF. If the argument has any other value, the behavior is
> undefined. [...]
>
> If char is signed, then it can contain -ve values. Those values are
> promoted to int by the usual integer promotions. Naturally such
> negative values are not representable as unsigned char. Passing them
> to ctype macros is UB.
I did read that part of the spec before replying. Irrespective
of the wording there it seems entirely unreasonable to me for
the spec to imply all use sites of the is...() functions to
have to use casts. Even more so that we all know (I suppose)
that casts can be dangerous as both potentially introducing
bugs (perhaps not at the point of their addition, but later
when code elsewhere gets changed) and keeping analysis tools
from actually spotting ones.
But yes, I'm not the maintainer of this code, so if you're
happy with such risks, so be it.
For the record, to me the less risky approach here would seem
to have been to make use of compilers allowing to choose
whether plain char is signed or unsigned, and force it to
unsigned for at least the affected components.
Jan
next prev parent reply other threads:[~2021-01-27 8:32 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-12 18:12 [PATCH] Fix error: array subscript has type 'char' Manuel Bouyer
2021-01-12 18:12 ` [PATCH] NetBSD: Fix lock directory path Manuel Bouyer
2021-01-15 15:09 ` Roger Pau Monné
2021-01-15 15:13 ` Manuel Bouyer
2021-01-15 15:30 ` Andrew Cooper
2021-01-12 18:12 ` [PATCH] NetBSD hotplug: Introduce locking functions Manuel Bouyer
2021-01-27 15:57 ` Ian Jackson
2021-01-27 19:29 ` Manuel Bouyer
2021-01-28 14:05 ` Ian Jackson
2021-01-12 18:12 ` [PATCH] NetBSD hotplug: fix block unconfigure on destroy Manuel Bouyer
2021-01-15 15:27 ` Roger Pau Monné
2021-01-26 16:47 ` Manuel Bouyer
2021-01-27 9:40 ` Roger Pau Monné
2021-01-27 9:47 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] NetBSD hotplug: handle case where vifname is not present Manuel Bouyer
2021-01-15 16:06 ` Roger Pau Monné
2021-01-26 16:49 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] NetBSD: remove xenbackendd Manuel Bouyer
2021-01-15 15:31 ` Roger Pau Monné
2021-01-18 18:31 ` Andrew Cooper
2021-01-18 18:41 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] NetBSD: use system-provided headers Manuel Bouyer
2021-01-15 16:01 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] gdbsx: use right path for privcmd Manuel Bouyer
2021-01-18 18:03 ` Roger Pau Monné
2021-01-18 18:45 ` Andrew Cooper
2021-01-18 19:05 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] libs/call: fix build on NetBSD Manuel Bouyer
2021-01-18 18:00 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] libs/evtchn: " Manuel Bouyer
2021-01-18 18:01 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] libs/foreignmemory: Implement " Manuel Bouyer
2021-01-18 17:49 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] libs/gnttab: implement " Manuel Bouyer
2021-01-18 17:54 ` Roger Pau Monné
2021-01-26 17:05 ` Manuel Bouyer
2021-01-27 9:31 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] libs/light: Switch NetBSD to QEMU_XEN Manuel Bouyer
2021-01-18 17:28 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] libs/light: fix tv_sec printf format Manuel Bouyer
2021-01-18 18:19 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] libs/light: fix uuid on NetBSD Manuel Bouyer
2021-01-15 17:27 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] libs/light: make it build without setresuid() Manuel Bouyer
2021-01-18 18:16 ` Roger Pau Monné
2021-01-20 14:52 ` Ian Jackson
2021-01-20 15:13 ` Manuel Bouyer
2021-01-20 15:32 ` Ian Jackson
2021-01-20 16:56 ` Manuel Bouyer
2021-01-20 17:10 ` Ian Jackson
2021-01-20 17:20 ` Manuel Bouyer
2021-01-20 17:29 ` Ian Jackson
2021-01-27 16:03 ` Ian Jackson
2021-01-27 19:34 ` Manuel Bouyer
2021-01-28 11:39 ` Ian Jackson
2021-01-30 11:57 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] libs/light: pass some infos to qemu Manuel Bouyer
2021-01-16 10:16 ` Roger Pau Monné
2021-01-16 11:25 ` Manuel Bouyer
2021-01-18 8:36 ` Roger Pau Monné
2021-01-18 8:52 ` Manuel Bouyer
2021-01-18 9:07 ` Roger Pau Monné
2021-01-18 9:24 ` Manuel Bouyer
2021-01-26 22:42 ` Manuel Bouyer
2021-01-27 9:06 ` Roger Pau Monné
2021-01-27 9:49 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] libs/store: make build without PTHREAD_STACK_MIN Manuel Bouyer
2021-01-18 18:18 ` Roger Pau Monné
2021-01-18 18:56 ` Andrew Cooper
2021-01-18 19:05 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] ocaml/libs/eventchn: drop unneeded evtchn.h Manuel Bouyer
2021-01-13 9:22 ` Christian Lindig
2021-01-13 9:40 ` Manuel Bouyer
2021-01-12 18:12 ` [PATCH] xenpaging.c: include errno.h Manuel Bouyer
2021-01-15 16:08 ` Roger Pau Monné
2021-01-12 18:12 ` [PATCH] xenpmd.c: use dynamic allocation Manuel Bouyer
2021-01-27 15:57 ` Ian Jackson
2021-01-12 18:12 ` [PATCH] xenstat_netbsd: remove usused code Manuel Bouyer
2021-01-18 18:06 ` Roger Pau Monné
2021-01-14 10:53 ` [PATCH] Fix error: array subscript has type 'char' Jan Beulich
2021-01-14 12:29 ` Manuel Bouyer
2021-01-14 13:25 ` Jan Beulich
2021-01-14 14:16 ` Manuel Bouyer
2021-01-26 17:44 ` Manuel Bouyer
2021-01-26 17:59 ` Ian Jackson
2021-01-27 8:31 ` Jan Beulich [this message]
2021-01-27 8:37 ` Jan Beulich
2021-01-27 13:53 ` [PATCH] Fix error: array subscript has type 'char' [and 1 more messages] Ian Jackson
2021-01-27 14:33 ` Jan Beulich
2021-01-27 16:21 ` Ian Jackson
2021-01-27 16:32 ` Jan Beulich
2021-01-27 16:52 ` George Dunlap
2021-01-27 17:00 ` Jan Beulich
2021-01-27 17:00 ` Ian Jackson
2021-01-18 19:08 ` NetBSD patches Andrew Cooper
2021-01-18 19:11 ` Manuel Bouyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2452d5cb-90ba-a4c4-a5e4-3070c5a676d2@suse.com \
--to=jbeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=anthony.perard@citrix.com \
--cc=bouyer@antioche.eu.org \
--cc=george.dunlap@citrix.com \
--cc=iwj@xenproject.org \
--cc=julien@xen.org \
--cc=sstabellini@kernel.org \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).