Hi Greg, On Wed, Jun 12, 2024 at 03:35:20PM GMT, Greg KH wrote: > On Wed, Jun 12, 2024 at 03:16:58PM +0200, Alejandro Colomar wrote: > > Constants that are to be used in bitwise operations should be unsigned, > > or a user could easily trigger Undefined Behavior. > > Wait, do we really have such broken compilers out there? I meant this as a generic statement that signed integers on bitwise ops are bad, not as a specific statement that these values would trigger UB. I expect that these specific values and the operations done on them probably don't trigger UB, since the shifts are done by a controlled amount, and there are justa few operations done on them. For example, a left shift where a set bit overflows the type (e.g., 1<<32), causes UB. The reason why it's better to avoid this at all even if we know these values work fine, is that programs using <asm/termbits.h> would need to disable those compiler warnings, which could silence warnings on other code which might be broken. TL;DR: The kernel isn't broken, but improving this would allow users to enable stricter warnings, which is a good thing. > With this change, can the glibc versions then be dropped to just rely on > these instead? I don't know. glibc is CCd, so they can answer that. Have a lovely day! Alex -- <https://www.alejandro-colomar.es/>
Attachment:
signature.asc
Description: PGP signature
