Re: termios constants should be unsigned

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/13/24 05:32, Zack Weinberg wrote:
there is still a need for
caution around conversions that change signedness.

Yes, just as there is need for caution around any use of unsigned types. Unfortunately in my experience Clang's (and even GCC's) warnings about signedness conversion are more likely to cause harm than good, with this thread being an example of the harm.

Part of the issue here is that GCC and Clang often do a better job of warning when constants are signed, not unsigned. For example, suppose a program mistakenly packages termios flags along with three other bits into an 'unsigned long', with code like this:

  unsigned long
  tagged_pendin (unsigned tag)
  {
    return (PENDIN << 3) | tag;
  }

Since PENDIN is 0x20000000 Clang and GCC by default warn about the mistake, as the signed integer overflow has undefined behavior. But if PENDIN were changed to 0x20000000U the behavior would be well-defined, there would be no warning even with -Wall -Wextra -Wsign-conversion, and the code would silently behave as if PENDIN were zero, which is not intended.

This is another reason why appending "U" to PENDIN's value would have drawbacks as well as advantages.





[Index of Archives]     [Kernel Documentation]     [Netdev]     [Linux Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux