https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66773
--- Comment #13 from Eric Gallager <egallager at gcc dot gnu.org> ---
(In reply to Segher Boessenkool from comment #11)
> Hi Daniel,
>
> (In reply to Daniel Marjamäki from comment #9)
> > Problems;
> >
> > * Code that performs comparison properly gets a warning.
>
> You get a warning if you compare a signed thing to an unsigned thing, and
> that signed thing is not (necessarily) the same when cast to unsigned (which
> is what will happen, and is what often catches people by surprise, and that
> is exactly what the warning is for).
>
> Do you have examples of perfectly fine code where you get a warning?
>
> > * Code where programmer makes a mistake with a cast does not generate a
> > warning.
>
> Yes. You should not use casts, except in some very specific cases, and
> most of the uses you see "in the wild" are a bad idea. Sometimes I wonder
> if we should have a -Wcast ("Warn for any cast.").
I get the feeling that such a warning would be extremely noisy and that no one
would use it. It would probably be better to go about improving existing
cast-related warnings, or adding new ones for specific cases, rather than
breaking out such a broad hammer. For example, the fixits that David Malcolm
added for -Wold-style-cast are very nice; extending those to apply to more
cast-related warnings would be a good improvement (I've been meaning to open a
separate bug about this). These would all be better, more-specific warnings to
add than an extremely broad -Wcast:
* -Wcast-to-the-same-type (bug 85043)
* -Wcast-variadic-function-type (bug 87379)
* -Wfunctional-cast (bug 69818)
* -Wcast-enum (bug 30357)
* -Wold-style-cast-qual (fixit would suggest using const_cast instead)
* -Wold-style-useless-cast
* Any of clang's cast-related warnings that we currently don't have yet; grep
https://clang.llvm.org/docs/DiagnosticsReference.html for the word "cast" to
find some
>
> > * This warning encourage programmers to cast and when they do make mistakes
> > sometimes there is no warning.
>
> What?
>
> ===
> void g(void);
> void f(long s, unsigned long u) { if (s == u) g(); }
> void f4(unsigned long u) { if (u == 4) g(); }
> void f8(signed char s, unsigned char u) { if (s == u) g(); }
> ===
>
> su.c: In function 'f':
> su.c:2:41: warning: comparison of integer expressions of different
> signedness: 'long int' and 'long unsigned int' [-Wsign-compare]
> 2 | void f(long s, unsigned long u) { if (s == u) g(); }
> | ^~
>
> Where does that encourage programmers to do silly and dangerous things?
> (Also not f4 and f8 don't warn).
>
> > Yet you think this is all fine and you are happy about these problems.
>
> I think that the warning does what it is supposed to do, yes.
>
> > It's safer to shut off this warning and use better tools to find these
> > issues.
>
> It is even safer to use a different programming language that does not
> have these problems. But we don't, we are programming in C here (or C++
> or whatever), and it has these problems, and we have a warning to warn
> about it.
>
> How can we educate people how to write better code, in the warning message,
> or maybe a fixit hint, or some info message?
If gcc can come up with a fixit, yes, that would be good.
(In reply to Daniel Marjamäki from comment #10)
> Well I am just a happy gcc user.. if some gcc maintainer thinks this ticket
> is invalid feel free to close it. I can't expect that everybody will think
> just like me. :-)
>
> As a Cppcheck developer I am dissappointed that all compilers have these
> warnings. And it ruins our chances to find real bugs with proper analysis.
Should we have this block the cppcheck meta-bug (bug 89863) then?
