On 9/8/2017 2:18 PM, Hans Wennborg via cfe-commits wrote:
On Fri, Sep 8, 2017 at 2:09 PM, Roman Lebedev <lebedev...@gmail.com> wrote:

Interesting. My first thought was to explicitly specify enum as signed:

enum MediaDeviceType : signed int {
MEDIA_DEVICE_TYPE_AUDIO_INPUT = 0,
MEDIA_DEVICE_TYPE_VIDEO_INPUT,
MEDIA_DEVICE_TYPE_AUDIO_OUTPUT,
NUM_MEDIA_DEVICE_TYPES,
};

inline bool IsValidMediaDeviceType(MediaDeviceType type) {
return type >= 0U && type < NUM_MEDIA_DEVICE_TYPES;
}

But it still seem to warn, and *that* sounds like a bug.
Please open a new bugreport.
I'm reporting it here :-)

As for different default signedness, i'm not sure what is there to do. Does
not sound like a problem for this diagnostic to intentionally avoid to
be honest.
I think it is a problem for this warning. If a user sees the warning
and removes the "type >= 0" check, thinking that it was unnecessary
because the compiler told them so, they have now introduced a bug in
the code.

Even if you declare the enum type as signed, it still isn't allowed to contain a negative number; that's undefined behavior.  You can check for this using ubsan's -fsanitize=enum.

-Eli

--
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux 
Foundation Collaborative Project

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to