This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



Re: [Patch] Conversion warnings when truncating 64-bit types (v1)


Martin von Loewis <Martin.vonLoewis@hpi.uni-potsdam.de> writes:

> To detect such errors better, this patch introduces a new type
> attribute, __w64__, and a new command line option, -Wp64 (64-bit
> portability warnings). The attribute can be attached to any type
> intended to hold the size of a memory block (or an offset into it);
> what these types are depends on the C library and the application
> (typically, size_t should be declared to be __w64__, at a minimum).
> 
> Then, if a conversion is attempted from a __w64__ type to a type
> shorter than 64 bits, a warning is issued if the -Wp64 flag was
> passed to the compiler. This warning is not active by default,
> as it can produce many false positives (e.g. for writing
>    int x = sizeof(struct stat); where struct stat is known to fit
> into 2**32 bytes on all relevant systems).

This is an interesting idea, but I think it would be more interesting
to disentangle it from 32-bit to 64-bit conversion.  The relevant
characteristic is not "type may hold a 64-bit value" but rather "type
may hold a memory size or offset."  So I think the name of the
attribute and the option should reflect that: e.g., __size_type__
rather than __w64__.  And if the option is used, we should warn
whenever such a type is converted to a type of lesser precision.

As DJ suggests, we could have an additional warning option for
converting such a type to a type without the attribute, even if the
latter type has the same precision.

And as Joseph points out, this should work with -Wcoercion.

Ian
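
The kind of conversion discussed in this message, as an added example that is not part of the original mail or of the GCC patch: a size computed at 64-bit width is stored in a 32-bit length field, first unchecked and then with an explicit range check. The type name `mem_size`, the function names and the input values are constructed for illustration; `uint64_t` stands in for a 64-bit `size_t` so the result is the same on any host.

```c
#include <stdint.h>
#include <stdio.h>

/* Models a memory size on an LP64 target (assumption: stands in for size_t). */
typedef uint64_t mem_size;

/* Narrowing without a check: the conversion the proposed warning would flag. */
static uint32_t len_field_unchecked(mem_size count, mem_size elem_size)
{
    mem_size total = count * elem_size;   /* computed at full width */
    return (uint32_t)total;               /* high 32 bits silently dropped */
}

/* Checked narrowing: returns 0 and stores the length, or -1 if the
   multiplication wraps or the result does not fit the 32-bit field. */
static int len_field_checked(mem_size count, mem_size elem_size, uint32_t *out)
{
    if (elem_size != 0 && count > UINT64_MAX / elem_size)
        return -1;                        /* multiplication would wrap */
    mem_size total = count * elem_size;
    if (total > UINT32_MAX)
        return -1;                        /* would lose precision */
    *out = (uint32_t)total;
    return 0;
}

/* Convenience wrapper: the 32-bit length, or -1 when it cannot be represented. */
static int64_t len_or_error(mem_size count, mem_size elem_size)
{
    uint32_t len;
    return len_field_checked(count, elem_size, &len) == 0 ? (int64_t)len : -1;
}

int main(void)
{
    mem_size count = 0x10000001ULL, elem = 16;   /* constructed input */
    /* 0x10000001 * 16 = 0x100000010; only the low 32 bits survive. */
    printf("unchecked: %u\n", (unsigned)len_field_unchecked(count, elem));
    printf("checked:   %lld\n", (long long)len_or_error(count, elem));
    printf("small:     %lld\n", (long long)len_or_error(256, elem));
    return 0;
}
```

The unchecked path reports a 16-byte length for a request of just over 4 GiB, which is the silent loss of precision a warning on narrowing size-typed values is meant to surface at compile time.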

