From: Joel Brobecker
To: Mike Frysinger
Cc: gdb-patches@sourceware.org
Subject: Re: [PATCH] sim: tweak signed to unsigned local vars
Date: Mon, 12 Apr 2010 16:06:00 -0000

> > I'm not sure I agree on this one. "tmp" is used to store the result of
> > a subtraction of 2 pointers. IIRC, the exact type returned is ptrdiff_t,
> > which is a signed value...
>
> true, but the math should never yield a negative value. the compare is
> between a base pointer and a pointer returned from strchr() on the base
> pointer. so the value should always be >= 0 and it should always fit in
> 32 bits.

I always tend to be very careful with this type of reasoning, probably
because of my past writing safety-critical software (and also how
surprisingly difficult it turned out to be to formally prove that a piece
of code would never overflow). Even if what you are saying is true,
I think that we'll have fewer conversion issues if we use the proper types.

But that's just me. Perhaps others with more C experience than I have will
agree with you that we're fussing over something that actually does not
matter.

> size_t would be usable in pretty much all the places i changed, but i
> consciously did not pick that because "unsigned" is the current convention,
> both with local vars and function arguments. i didn't want to desync the type
> conventions where some used size_t and some used unsigned especially since
> they're different sizes on 64-bit systems.

I actually think, from the little that I have seen, that the code is
actually pretty confused on whether to use signed or unsigned. Again,
perhaps it's my Ada background where using the proper types is super
important (and an invaluable help), but, never mind - if you can make
it work with unsigned, then this is fine with me. You shouldn't have to
pay for the sins of others.

-- 
Joel
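
An added example, not code from the patch or the sim sources: one way to keep the strchr() pointer difference discussed above in ptrdiff_t and range-check it before narrowing to unsigned. The helper names fits_unsigned and prefix_len and the sample strings are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper: does a pointer difference fit in `unsigned`?
 * Kept separate so the 64-bit truncation case can be checked without
 * allocating a multi-gigabyte string. */
int fits_unsigned(ptrdiff_t diff)
{
    /* Negative values would wrap to huge unsigned values; values above
     * UINT_MAX would be silently truncated where ptrdiff_t is wider. */
    return diff >= 0 && (uintmax_t)diff <= UINT_MAX;
}

/* Hypothetical helper: length of the text in `base` before the first
 * `delim`. Returns 0 and stores the length in *out on success, or -1 if
 * the delimiter is absent or the length does not fit in `unsigned`. */
int prefix_len(const char *base, int delim, unsigned *out)
{
    const char *hit = strchr(base, delim);

    /* strchr() returns NULL when the delimiter is missing; subtracting
     * `base` from NULL is undefined behaviour, so stop here. */
    if (hit == NULL)
        return -1;

    /* The result of subtracting two pointers has the signed type
     * ptrdiff_t; keep it in that type until it has been range-checked. */
    ptrdiff_t diff = hit - base;
    if (!fits_unsigned(diff))
        return -1;

    *out = (unsigned)diff;   /* narrowing is now known to be lossless */
    return 0;
}
```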