Message-ID: <0289149f-3880-4e20-a22b-8540f212f1b0@stanley.mountain>
Date: Mon, 26 Aug 2024 10:28:21 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Riyan Dhiman <riyandhiman14@...il.com>
Cc: gregkh@...uxfoundation.org, linux-kernel@...r.kernel.org,
linux-staging@...ts.linux.dev
Subject: Re: [PATCH] staging: vme_user: Change slot number type from int to u32

On Sun, Aug 25, 2024 at 12:59:55PM +0530, Riyan Dhiman wrote:
> Change the type used for VME slot numbers from int to u32 throughout vme
> driver. This modification more accurately represents the nature of slot
> numbers which are always non-negative.
>
> The changes include
> - Updating variable declarations
> - Modifying function signatures and return types
>
> This change improves type safety, prevents potential issues with sign conversion.

How type promotion works is that if we have if (a < b) { we first cast
everything to int. Then we look at the types of a and b and if one of them has
more than 31 positive bits, whichever has the most positive bits then we cast
both sides to that. The danger is that a negative value will be cast to a high
unsigned value.

In a way you could look at it like the unsigned types are what is making the
code more dangerous. If we didn't have unsigned types, nothing would change the
negatives into unsigned values. Sure we'd have to always check for negatives,
but you'd just get used to that and do it. This is how high level languages
like Python work. They don't have any kind of nonsense about if you're
comparing a define and a number -5 and the define is defined as another define
and you have to dig through five different header files and then the define
eventually becomes a sizeof() and so that means -5 is now 18446744073709551611.
In Python -5 is just -5.

Of course, there is a place for unsigned types in C but it's so subtle and
complicated to explain. I think people wish that there was a way to make C
safer when there really isn't. There is no easy answer like just declare
everything as u32. It's a false hope.

Here is a blog with more ranting.
https://staticthinking.wordpress.com/2023/07/25/wsign-compare-is-garbage/

regards,
dan carpenter
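
The promotion rule described in the message above, as an added example that is not part of the original e-mail or of the vme_user driver. The struct and function names are hypothetical, and the 18446744073709551611 figure assumes a 64-bit size_t.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The implicit conversions are the point here, so silence the warning. */
#pragma GCC diagnostic ignored "-Wsign-compare"

/* Constructed 8-byte header; the name and layout are hypothetical. */
struct hdr { uint32_t magic; uint32_t len; };

/* u16 has only 16 positive bits: both sides become int, -5 stays -5. */
static int below_u16(int a, uint16_t b) { return a < b; }

/* u32 has 32 positive bits: a is converted to unsigned int first. */
static int below_u32(int a, uint32_t b) { return a < b; }

/* The value a negative int takes once it meets a size_t operand. */
static unsigned long long as_size_t(int v) { return (size_t)v; }

/* Buggy short-read check: sizeof() yields size_t, so a negative
 * error code in ret turns into a huge value and is never "short". */
static int is_short_buggy(int ret) { return ret < sizeof(struct hdr); }

/* Fixed: reject negatives while ret is still signed, then compare. */
static int is_short_fixed(int ret)
{
	return ret < 0 || (size_t)ret < sizeof(struct hdr);
}

int main(void)
{
	printf("-5 < (u16)10      -> %d\n", below_u16(-5, 10));
	printf("-5 < (u32)10      -> %d\n", below_u32(-5, 10));
	printf("(size_t)-5        =  %llu\n", as_size_t(-5));
	printf("buggy short(-5)   -> %d\n", is_short_buggy(-5));
	printf("fixed short(-5)   -> %d\n", is_short_fixed(-5));
	printf("fixed short(4)    -> %d\n", is_short_fixed(4));
	printf("fixed short(8)    -> %d\n", is_short_fixed(8));
	return 0;
}
```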