On 02/23/2018 11:52 AM, Siddhesh Poyarekar wrote:
On Saturday 24 February 2018 12:01 AM, Richard Biener wrote:
I don't see how the function cast is valid.
I've argued for void (*) () to/from void (*) (int), etc. In the past and that
was shot down similarly. This looks like exactly the same thing.
That should not throw a warning because void (*) (void) is used as a
wildcard to match all functions. My understanding from the discussions
around the patch implementation was that these are heuristics and are
not meant to catch all cases anyway. In such a scenario it might be
prudent to avoid breaking behaviour that many programs seem to assume.
Casting the address of a function that takes one or more arguments
to one that takes fewer is unsafe because when the pointer is used
to call the function the extra arguments have indeterminate values.
(This is also why void(*)(void) as a wildcard was a poor choice:
because it's only safe when it's an exact match.)
Casting in the opposite direction (fewer arguments to more) can
also lead to bugs under ABIs where the callee is responsible for
restoring the frame pointer.
The intent behind the warning is to help find instances of these
conversions that are unsafe and to drive improvements to code and
get it to adopt a single common wildcard. The current choice
isn't ideal but expanding it even further would compromise
the goal of the warning even more.
Martin
