Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add -Wsign-compare to the project's CFLAGS #118

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

jgalar
Copy link
Member

@jgalar jgalar commented Mar 2, 2018

The lttng-tools code base has many erroneous comparisons between
signed and unsigned values.

While some uses are benign, like using a signed integer to loop
between 0 and sizeof(struct some_structure), there are many
cases where the "signed integer" result of a syscall
(e.g. sendmsg, recvmsg, read, write) is compared to an expected
structure size using the sizeof operator, which returns a result of type
size_t.

The following pattern:

ret = sendmsg(...);
if (ret < sizeof(struct some_structure)) {
	/* Handle error. */
}

is common and unsafe if the intention is to check for an error
(-1) and that the operation was completed (ret == sizeof(...)).

Follow-up patches address the various instances of the problem.

The Clean-up: prefix is used when the comparison was safe
and the change is mainly done to silence the warning.

The Fix: prefix is used when the commit fixes an unsafe
comparison and should be backported to previous versions.

The lttng-tools code base has many erroneous comparisons between
signed and unsigned values.

While some uses are benign, like using a signed integer to loop
between 0 and sizeof(struct some_structure), there are many
cases where the "signed integer" result of a syscall
(e.g. sendmsg, recvmsg, read, write) is compared to an expected
structure size using sizeof, which returns a result of type
size_t.

The following pattern:

ret = sendmsg(...);
if (ret < sizeof(struct some_structure)) {
	/* Handle error. */
}

is common and _unsafe_ if the intention is to check for an error
(-1) and that the operation was completed (ret == sizeof(...)).

Follow-up patches address the various instances of the problem.

The "Clean-up:" prefix is used when the comparison was safe
and the change is mainly done to silence the warning.

The "Fix:" prefix is used when the commit fixes an unsafe
comparison and should be backported to previous versions.

Signed-off-by: Jérémie Galarneau <[email protected]>
@jgalar jgalar added bug refactor Refactoring work that doesn't address a specific bug, but is done to improve code quality. labels May 31, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug help wanted refactor Refactoring work that doesn't address a specific bug, but is done to improve code quality.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant