Bruce Evans <b...@optusnet.com.au> writes: > -Wcast-qual is not a very good warning option since the official way > to remove qualifiers in C is to cast them away. Casting them away is > better than using the __DECONST() abomination. The option exists > because it is too easy for sloppy code to cast away const without > really intending to or when casting away const is done intentionally > but is an error.
I agree that __DECONST() is ugly (not least because it strips all qualifiers, not just const, so it should be DEQUAL()), but the alternative is worse. In my experience, the majority of cases where a cast discards a qualifier are bugs, with struct iov being one of very few legitimate use cases. In the same vein, you could also argue that it is wrong of gcc and clang to warn about underparanthesized boolean expressions or about using an assignment as a truth value. Yet these warnings are extremely useful, because code that triggers them is often either incorrect or easily misinterpreted by a casual reader. Apple's "goto fail" certificate verification bug was caused by code that was perfectly legal and looked fine at first glance but would have been caught by -Wunreachable-code. Unfortunately, turning it on in our tree breaks the build in non-trivially-fixable ways because it is triggered by const propagation into inline functions. DES -- Dag-Erling Smørgrav - d...@des.no _______________________________________________ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
