Subject: Re: ansi.h merger
To: None <eeh@netbsd.org>
From: Todd Vierling <tv@wasabisystems.com>
List: tech-toolchain
Date: 07/28/2001 15:39:51

On 28 Jul 2001 eeh@netbsd.org wrote:

: Todd:  This is what prompted this move in the first place.  size_t is *NOT*
: unsigned long on any 32-bit platform except sparc and vax.  (And arm32 ELF
: now Matt Thomas made that change, but that was later.)  This means no
: warning whatsoever on m68k, mips, sh3, and x86.

Fine, so we can change this.  However, we need to plan this carefully before
changing all the types, as I said before.  I'll get back to you later on
this, after I've done some more work that's more urgent on my current plate.

===

: | In fact, you can add some gcc extensions (that might be enabled by a
: | compile-time "-D"efine) that will make all nonprimitive integer typedefs
: | incompatible for implicit conversion with primitive types, if you wish.
: | This would probably provide the type of auditing necessary to flag problems
: | on all platforms that you want, *without* going to the length of allowing
: | people to write sloppy code by flattening types arbitrarily.
:
: So you want to hack gcc so all conversions to/from size_t always require
: explicit casts even if they are to another primitive or typedef of
: the same type?

This isn't a gcc hack, and it's not for "any" type.  This is a gcc flag
added to some typedefs that will cause gcc to issue warnings:

* every time such a flagged nonprimitive type is passed to a printf() format
  without casting;

* whenever attempting to convert implicitly from a nonprimitive type (not
  necessarily just size_t; this includes ones which we currently have as
  32-bit everywhere, and which you want to change to just "int") to a
  primitive type with size smaller than "long int", so as to ensure that
  implicit conversions are cast where appropriate.

I'll get back to you about how this works later.  Additional checks can be
added to lint for this purpose, as well (see next point).

===

: | Lint should bitch on all implicit conversions that involve downsizing of a
: | type or changing signedness, because those do break.  In most cases, if we
: | plan such an ansi.h merger carefully (and I'm not saying it cannot be done
: | at least partially), we can set up the typedefs to flag this in as many
: | cases as possible.
:
: Those downsizing conversions are platform dependent.  That's why all
: platforms should be using `long' and `unsigned long' for ptrdiff_t
: and size_t.

That depends on how lint interprets our supplied nonprimitive types.  In
order to catch the ambiguities of standard-specified nonprimitive integer
types, lint could have an option (and appropriate /*COMMENT*/s) to flag
nonprimitive types that should be warned when implicit conversions are
performed.

-- 
-- Todd Vierling <tv@wasabisystems.com>  *  Wasabi NetBSD:  Run with it.
-- NetBSD 1.5 now available on CD-ROM  --  http://www.wasabisystems.com/
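
The two explicit conversions that the warnings described in this message would require, as an added C example that is not part of the original message or of NetBSD's code. The helper names `size_to_int_checked` and `format_size` are hypothetical, and the code assumes `size_t` is no wider than `unsigned long` (true on ILP32 and LP64, and checked at compile time).

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Compile-time guard (assumption of this example): size_t fits in
 * unsigned long, so the cast in format_size() cannot lose bits. */
typedef char size_t_fits_in_ulong[
    sizeof(size_t) <= sizeof(unsigned long) ? 1 : -1];

/* Hypothetical helper: narrow a size_t to int only when the value fits.
 * Returns 0 on success, -1 if the conversion would lose information.
 * An implicit "int n = some_size_t;" compiles silently on platforms where
 * the underlying types happen to match, then truncates on the others. */
int size_to_int_checked(size_t n, int *out)
{
    if (n > (size_t)INT_MAX)
        return -1;
    *out = (int)n;
    return 0;
}

/* Hypothetical helper: format a size_t without assuming which primitive
 * type it is a typedef of. Passing n uncast to "%u" or "%lu" is only
 * correct on platforms where size_t is exactly that type. */
int format_size(char *buf, size_t buflen, size_t n)
{
    return snprintf(buf, buflen, "%lu", (unsigned long)n);
}

int main(void)
{
    char buf[32];
    int n;
    size_t big = (size_t)INT_MAX + 1;   /* constructed sample value */

    format_size(buf, sizeof buf, big);
    printf("%s %s in int\n", buf,
           size_to_int_checked(big, &n) == 0 ? "fits" : "does not fit");
    return 0;
}
```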