| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: warnings for invalid function casts |
| Date: | 2020-06-30 19:38:20 |
| Message-ID: | 496552.1593545900@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andres Freund <andres(at)anarazel(dot)de> writes:
> On 2020-06-30 10:15:05 -0400, Tom Lane wrote:
>> I feel like what you propose to do here is just shifting the problem
>> around: we're still casting from a function pointer that describes one
>> concrete call ABI to a function pointer that describes some other concrete
>> call ABI. That is, "void (*ptr) (void)" is *not* disclaiming knowledge
>> of the function's signature, in the way that "void *ptr" disclaims
>> knowledge of what a data pointer points to. So if current gcc fails to
>> warn about that, that's just a random and indeed obviously wrong decision
>> that they might change someday.
> ISTM that it's unlikely that they'd warn about casting from one
> signature to another?
Uh, what? Isn't that *exactly* what this warning class does?
If it doesn't do that, what good is it? I mean, I can definitely
see the point of warning when you cast a function pointer to some
other not-ABI-compatible function pointer type, because that might
be a mistake, just like assigning "int *" to "double *" might be.
gcc 8's manual says
'-Wcast-function-type'
Warn when a function pointer is cast to an incompatible function
pointer. In a cast involving function types with a variable
argument list only the types of initial arguments that are provided
are considered. Any parameter of pointer-type matches any other
pointer-type. Any benign differences in integral types are
ignored, like 'int' vs. 'long' on ILP32 targets. Likewise type
qualifiers are ignored. The function type 'void (*) (void)' is
special and matches everything, which can be used to suppress this
warning. In a cast involving pointer to member types this warning
warns whenever the type cast is changing the pointer to member
type. This warning is enabled by '-Wextra'.
so it seems like they've already mostly crippled the type-safety of the
warning with the provision about "all pointer types are interchangeable"
:-(. But they certainly are warning about *some* cases of casting one
signature to another.
In any case, I think the issue here is what is the escape hatch for saying
that "I know this cast is okay, don't warn about it, thanks". Treating
"void (*) (void)" as special for that purpose is nothing more nor less
than a kluge, so another compiler might do it differently. Given the
POSIX restriction, I think we could reasonably use "void *" instead.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-06-30 19:43:36 | Re: SQL-standard function body |
| Previous Message | Andres Freund | 2020-06-30 19:29:56 | Re: pg_bsd_indent compiles bytecode |