Re: "Using plain integer as NULL pointer" false positive for zero struct initializer

On Wed, Jan 9, 2019 at 1:02 PM Luc Van Oostenryck
<luc.vanoostenryck@xxxxxxxxx> wrote:
>
> But this makes me wonder ...
> I'm all for strict typing, it's in general a precious help, but
> for this "Using plain integer as NULL pointer" warning:
> 1) the problem of using 0 (an int) in a variadic function call
>    expecting a pointer (possibly larger than an int) is well known
>    but is there any other problem of using 0 instead of NULL?
> 2) when the warning is issued it is known that a pointer is expected
>    so a size problem like in 1) is not possible.
>
> So isn't this a case of a 'bad warning'?

No.

The fact is, anybody who thinks that "0" is a good value for NULL is
not somebody I want to have anything to do with.

It's a *horrible* value for NULL, and it's completely unacceptable.

Yes, yes, I realize that it's the canonical value in K&R C. But that
was then, and K&R C doesn't really have much of a type system anyway -
just look at function declarations. K&R C is simply not worth worrying
about, it's legacy.

Any language which allows you to write

    strnlen(0, NULL);

without screaming about getting the types entirely wrong for both
arguments is simply not worth using. We got over the old K&R C
braindamage long ago.

So sparse does the right thing. 0 is not NULL. It's not acceptable.
And NULL cannot ever be used in an integer context as the number '0'.
That's simply not acceptable.

This is such a fundamental type safety issue that I don't understand
how anybody can ever be confused about it.

So no, sparse warning about completely invalid use of the integer 0
for NULL is not a bad warning. It's fundamental.

And yes, I realize that the C++ people completely screwed up, and
originally doubled down on the old K&R C model of "NULL must be 0". It
took them a decade or more to understand just how wrong they were, but
they finally got over it. It's C++, what can I say?

The fact that the C++ people had no taste, and the fact that a lot of
C compilers have to deal with old pre-K&R C and deal with header files
and legacy programs that still assume "0 is a valid NULL pointer" is
entirely immaterial.

The whole and *ONLY* point of sparse was to be better at typechecking
than C is. And the 0-vs-NULL confusion is just the most fundamental
part of that.

                 Linus
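
The variadic case from point 1) of the quoted message, as an added example that is not part of the thread or of sparse. `total_len` and `IS_POINTER_TYPED` are hypothetical names, and the `sentinel` attribute assumes GCC or Clang.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* 1 if the expression has one of these pointer types, 0 otherwise.
 * A bare 0 is an int; only a cast (or a pointer-typed NULL) makes it a pointer. */
#define IS_POINTER_TYPED(e) \
    _Generic((e), void *: 1, char *: 1, const char *: 1, default: 0)

int bare_zero_is_pointer(void) { return IS_POINTER_TYPED(0); }
int cast_zero_is_pointer(void) { return IS_POINTER_TYPED((void *)0); }

/* Hypothetical helper: sums the lengths of the strings in a list that must
 * end in a null *pointer*. va_arg() fetches a char * for every argument,
 * so an int 0 terminator is undefined behaviour where pointers are wider
 * than int. The sentinel attribute (GCC/Clang extension) makes the
 * compiler warn when a call does not end in a pointer-typed null. */
__attribute__((sentinel))
size_t total_len(const char *first, ...)
{
    va_list ap;
    size_t n = 0;

    va_start(ap, first);
    for (const char *s = first; s != NULL; s = va_arg(ap, char *))
        n += strlen(s);
    va_end(ap);
    return n;
}

int main(void)
{
    printf("sizeof(0) = %zu, sizeof(void *) = %zu\n",
           sizeof(0), sizeof(void *));
    printf("bare 0 pointer-typed: %d, (void *)0 pointer-typed: %d\n",
           bare_zero_is_pointer(), cast_zero_is_pointer());
    /* Correct call: the terminator is explicitly a pointer.
     * total_len("ab", "cde", 0) would also compile, but it draws a
     * "missing sentinel" warning and passes an int where a pointer is read. */
    printf("total_len = %zu\n", total_len("ab", "cde", (char *)NULL));
    return 0;
}
```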
