From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/2544 Path: news.gmane.org!not-for-mail From: Rich Felker Newsgroups: gmane.linux.lib.musl.general Subject: Re: NULL Date: Wed, 9 Jan 2013 10:36:30 -0500 Message-ID: <20130109153630.GZ20323@brightrain.aerifal.cx> References: <50ED4E45.6050801@barfooze.de> <50ED81BF.8030005@gentoo.org> <20130109144712.GY20323@brightrain.aerifal.cx> <50ED8A34.5070904@barfooze.de> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1357745803 10732 80.91.229.3 (9 Jan 2013 15:36:43 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 9 Jan 2013 15:36:43 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-2545-gllmg-musl=m.gmane.org@lists.openwall.com Wed Jan 09 16:37:00 2013 Return-path: Envelope-to: gllmg-musl@plane.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1Tsxi6-0007O9-UN for gllmg-musl@plane.gmane.org; Wed, 09 Jan 2013 16:36:59 +0100 Original-Received: (qmail 5776 invoked by uid 550); 9 Jan 2013 15:36:43 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 5768 invoked from network); 9 Jan 2013 15:36:42 -0000 Content-Disposition: inline In-Reply-To: <50ED8A34.5070904@barfooze.de> User-Agent: Mutt/1.5.21 (2010-09-15) Xref: news.gmane.org gmane.linux.lib.musl.general:2544 Archived-At: On Wed, Jan 09, 2013 at 04:18:12PM +0100, John Spencer wrote: > >__attribute__ ((sentinel)) may be used. Adding this to the appropriate > >gtk headers (even just as a temporary debugging measure if it's not > >desirable permanently) would catch all the bugs calling gtk variadic > >functions. > > > > indeed this does emit a warning. however, it will only detect > sentinels, not other variadic arguments that are expected to be > pointers but will be passed as int instead. i haven't tested, but it > will most likely also cause crashes. Indeed, you are correct. I suspect most such uses _also_ have a sentinel where incorrect code will also mess up the sentinel, but in principle it's possible that this does not happen. A good system of static analysis for variadic functions would need some way to express the interface contract in terms of a predicate on the argument types (and possibly contents) of arguments. I'm not aware of any such system existing, so the matter falls back to whether we would really need it to avoid all these bugs. > >If we decide something is needed at the musl level, in my opinion the > >only acceptable solution is just replacing 0 with 0L unconditionally. > >Actually I'd like to remove the special-case for C++ and make NULL > >_always_ be defined to 0 or 0L, but I worry too many people would > >complain... > > yes, 0L is definitely nicer. > regarding C code, it would infact be more consequent if you make it > 0/0L there as well. > what issues could arise in C code when (void* ) 0 is replaced with 0L ? The original reason I left NULL with pointer type was to catch the other idiotic error: str[len]=NULL; i.e. confusion of NULL with ASCII NUL. However, this raises a good question: short of C11 _Generic, is it even possible for a program to detect whether NULL has integer or pointer type? I know of one way, but it's very obscure: int null_is_ptr_type() { char s[1][1+(int)NULL]; int i = 0; return sizeof s[i++], i; } Are there any ways that might actually affect/break programs? Rich