Re: [PATCH 1/1] minmax.h: Slightly relax the type checking done by min() and max().

From: Linus Torvalds
Date: Mon Nov 28 2022 - 14:43:17 EST

Next message: Mickaël Salaün: "Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail"
Previous message: Ira Weiny: "Re: [PATCH V3 1/2] PCI/DOE: Remove the pci_doe_flush_mb() call"
In reply to: David Laight: "RE: [PATCH 1/1] minmax.h: Slightly relax the type checking done by min() and max()."
Next in thread: David Laight: "RE: [PATCH 1/1] minmax.h: Slightly relax the type checking done by min() and max()."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 28, 2022 at 1:10 AM David Laight <David.Laight@xxxxxxxxxx> wrote:
>
> So you start with:
> unsigned int a;
> min(a, 5u)

That's not the case I worry about.

Look at something like this instead:

min(4u, -5l)

which we currently warn about, because the types are very different.

It's simply a dangerous thing to do, since the signedness is
ambiguous. We *need* to warn about it.

But with your patch, that warning goes away, and the '4u' is a
positive integer, so it gets turned into 'int', and now that
comparison gets done as a signed type and returns -5.

No?

Now, the above is obviously crazy code, and I would certainly hope
that we don't have anything quite that odd in the kernel. That example
is designed to be silly, but minimally show the issue.

You can't just say "because it has a positive _value_, we can now use
it as a signed type".

See what I'm saying?

Linus

Next message: Mickaël Salaün: "Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail"
Previous message: Ira Weiny: "Re: [PATCH V3 1/2] PCI/DOE: Remove the pci_doe_flush_mb() call"
In reply to: David Laight: "RE: [PATCH 1/1] minmax.h: Slightly relax the type checking done by min() and max()."
Next in thread: David Laight: "RE: [PATCH 1/1] minmax.h: Slightly relax the type checking done by min() and max()."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]