Re: termios constants should be unsigned

linux-api.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: enh <enh@google.com>
To: Alejandro Colomar <alx@kernel.org>
Cc: Paul Eggert <eggert@cs.ucla.edu>,
	Andrew Morton <akpm@linux-foundation.org>,
	 Palmer Dabbelt <palmer@rivosinc.com>,
	linux-api@vger.kernel.org, libc-alpha@sourceware.org,
	 linux-man@vger.kernel.org
Subject: Re: termios constants should be unsigned
Date: Wed, 12 Jun 2024 17:54:43 -0400	[thread overview]
Message-ID: <CAJgzZorzcAP5wNa-UCMyarmjgwVBveg0c0Dj36ByVEacnOHrnw@mail.gmail.com> (raw)
In-Reply-To: <5rfohnr4rs3tkfs7y3f7rth36c67pvcwv4q52onrjohdjtpo7m@stvcsncq7z4f>

On Wed, Jun 12, 2024 at 3:01 PM Alejandro Colomar <alx@kernel.org> wrote:
>
> On Wed, Jun 12, 2024 at 01:47:03PM GMT, enh wrote:
> > hacked these changes into AOSP, and it did break one bit of existing
> > code that was already working around the sign differences --- this
> > warning was enabled but the code had a cast to make the _other_ side
> > of the comparison signed (rather than make this side of the comparison
> > unsigned).
>
> BTW, that seems to be a bogus way to workaround this; the cast should
> have been on the other side.  I'd say whoever maintains that code should
> probably fix that to use unsigned types.

indeed. i've already sent out such a change :-)

>  These constants are meant to
> be 'tcflag_t', so a cast should be to that type, or the type of the
> other side of the comparison, but casting to 'int' just for silencing a
> waring seems nuts.

i suspect the reasoning was one of readability --- keeping the [short]
constants legible at the cost of making the expression slightly
longer.

> This makes me wonder if breaking _those_ users could be a good thing...

like Paul Eggert said somewhere else today --- only if we're finding
real bugs. and so far we're not.

it's like the warn_unused_result argument. a purist would argue that
every function should have that annotation, because you should always
check for errors, and if you're not already doing so, your code is
already broken. whereas a pragmatist would argue that most people are
just going to add the "shut up, compiler" cast (or disable the warning
entirely) if their already-working code suddenly starts spamming
warnings next time they build it.

while my bar for that might not be as high as my bar for ABI breakage,
my source compatibility bar is still pretty high. it would be almost
unethical of me to make app developers do random busywork. i have to
be pretty confident (as with, say, "you just passed an fd > 1024 to an
fd_set function/macro and thus corrupted memory") that their code is
_definitely_ wrong. (and even there, that's going to have to be a
runtime check!)

> --
> <https://www.alejandro-colomar.es/>

next prev parent reply	other threads:[~2024-06-12 21:54 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-06-12 12:16 termios constants should be unsigned Alejandro Colomar
2024-06-12 12:22 ` Greg KH
2024-06-12 13:16   ` [PATCH] uapi/asm/termbits: Use the U integer suffix for bit fields Alejandro Colomar
2024-06-12 13:35     ` Greg KH
2024-06-12 14:00       ` Alejandro Colomar
2024-06-12 14:21         ` Greg KH
2024-06-12 15:07           ` Alejandro Colomar
2024-06-12 14:55 ` termios constants should be unsigned Paul Eggert
2024-06-12 16:28   ` Alejandro Colomar
2024-06-12 17:47     ` enh
2024-06-12 18:55       ` Alejandro Colomar
2024-06-12 19:01       ` Alejandro Colomar
2024-06-12 21:54         ` enh [this message]
2024-06-12 22:22           ` Alejandro Colomar
2024-06-12 18:27     ` Paul Eggert
2024-06-13 12:32   ` Zack Weinberg
2024-06-13 21:12     ` Paul Eggert
2024-06-13 21:37       ` Alejandro Colomar

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAJgzZorzcAP5wNa-UCMyarmjgwVBveg0c0Dj36ByVEacnOHrnw@mail.gmail.com \
    --to=enh@google.com \
    --cc=akpm@linux-foundation.org \
    --cc=alx@kernel.org \
    --cc=eggert@cs.ucla.edu \
    --cc=libc-alpha@sourceware.org \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-man@vger.kernel.org \
    --cc=palmer@rivosinc.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).