lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 8 Feb 2007 08:33:30 -0800 (PST)
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Jeff Garzik <jeff@...zik.org>
cc:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: somebody dropped a (warning) bomb



On Thu, 8 Feb 2007, Jeff Garzik wrote:
>
> Just did a pull for the first time since 2.6.20, and a /megaton/ of new
> warnings have appeared, on Fedora Core 6/x86-64 "make allyesconfig".

That was due to the Makefile rule breakage. Hopefully it now _really_ is 
fixed. The

	CFLAGS += $(call cc-option,-Wno-pointer-sign,)

part effectively got dropped.

> All of the new warnings spew appear to be "pointers differ in signedness"
> warning.  Granted, we should care about these

The thing is, I'm _really_ sad we have to use that -Wno-pointer-sign 
thing. It's a real and valid warning. It finds really ugly code issues 
(unlike a lot of the other things). So it got dropped by mistake, but that 
is one warning that I'd actually like to resurrect (unlike a lot of other 
gcc warnings that I just think are crap to begin with).

However, we've got a metric shitload of code that passes in pointers to 
the wrong sign, so a lot of it would involve mindless changes that are 
likely to break real things. 

And the thing is, sometimes -Wpointer-sign-compare is just horribly 
broken. For example, you cannot write a "strlen()" that doesn't complain 
about "unsigned char *" vs "char *". And that is just a BUG.

I'm continually amazed at how totally clueless some gcc warnings are. 
You'd think that the people writing them are competent. And then sometimes 
they show just how totally incompetent they are, by making it impossible 
to use "unsigned char" arrays together with standard functions.

So a _lot_ of the warnings are real. But with no way to shut up the ones 
that aren't, it sadly doesn't matter one whit ;(

(And adding casts is just much worse than shutting up the warning 
entirely)

There should be a rule about warnings: if you can't shut up stylistic 
warnings on a site-by-site level without adding horribly syntactic stuff 
that is worse than what the warning is all about, the warning shouldn't 
exist.

			Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ