On Tue, 2017-05-09 at 15:11 +0200, Christoph Hellwig wrote: > On Tue, May 09, 2017 at 11:43:49AM +0200, Mkrtchyan, Tigran wrote: > > just out of curiosity: you are talking about increasing type safety, but > > at the same time replaces arguments to 'const void *data', which will accept > > everything. Is there something special which I don't understand? > > Nothing special - cast are potentially dangerous in general, and > function pointer cases are especially dangerous as there is no > verify the caller and callee signatures match at all. As generic > method call patterns need to have private data of some points they > need to have a void pointer somewhere - either in the signature or > as a pointer from a passed structure. For those the compiler at least > can do some basic sanity checking, and good static analysis tools can > even verify we get the proper object using whole program analysis. Strong ACK on all of this. I've been bitten before (in userland code) by having a function that took 3 arguments cast to something that took 2. So the callers ends up passing in too few arguments, and the function then just ends up using junk out of a register or off the the stack to satisfy the missing one. Not fun to track down. Christoph, for the first 13 patches, you can add: Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx> I'll look over the remaining ones later. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
