| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <adazm3mqqh3.fsf@cisco.com> Date: Wed, 30 May 2007 08:30:00 -0700 From: Roland Dreier <rdreier@...co.com> To: openib-general@...nib.org Cc: linux-kernel@...r.kernel.org Subject: dealing with gcc 'comparison is always false' warnings (was: [PATCH] drivers/infiniband: fix comparsion between unsigned and negative) thanks... I'm wondering if there's a consensus among kernel hackers about changes like: > - if (hdr.cmd < 0 || hdr.cmd >= ARRAY_SIZE(ucma_cmd_table)) > + if (hdr.cmd >= ARRAY_SIZE(ucma_cmd_table)) > return -EINVAL; I understand that new gcc sees that hdr.cmd is unsigned and hence can't be < 0, and generates a warning for that, and having a build cluttered with warnings hides bugs and so on. However the code here looks quite sensible to me -- otherwise we end up with missing range checking if hdr.cmd ever changes to a signed type. This seems like a good way to introduce bugs: delete valid range checking code to shut up a silly gcc warning, and then change the type of a variable. Can't we just make gcc shut up about the comparison and generate no code for it because it knows it can't be true? - R. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists