Re: Rust kernel policy
From: David Laight
Date: Tue Feb 25 2025 - 17:50:07 EST
On Sat, 22 Feb 2025 00:37:01 +0100
Martin Uecker <uecker@xxxxxxxxx> wrote:
> Am Freitag, dem 21.02.2025 um 17:24 -0500 schrieb Steven Rostedt:
> > On Fri, 21 Feb 2025 11:30:41 -0800
> > Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > > And yes, it's wrong in general. The problems with "x < 0" warning for
> > > an unsigned 'x' are deep and fundamental, and macros that take various
> > > types is only one (perhaps more obvious) example of how broken that
> > > garbage is.
> >
> > The bug I recently fixed, and I still constantly make, where this does
> > help, is the difference between size_t vs ssize_t. I keep forgetting that
> > size_t is unsigned, and I'll check a return of a function that returns
> > negative on error with it.
> >
> > If I could just get a warning for this stupid mistake:
> >
> > 	size_t ret;
> >
> > 	ret = func();
> > 	if (ret < 0)
> > 		error();
> >
> >
> > I'd be very happy.
> >
>
> GCC has this warning, it is called -Wtype-limits
That bleats about all sorts of stuff that is reasonable code.
>
> https://godbolt.org/z/M787vjhfo
>
> It is activated by -Wextra.
>
> (anyway, not at all related to my proposal)
>
> Martin
>
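Added example, not code posted by anyone in this thread: the size_t/ssize_t mistake described above next to its corrected form, plus a type-generic range check of the kind that also trips -Wtype-limits even though it is correct. The body of func(), the -EIO error value, the in_range() macro, len_ok() and the 4096 bound are assumptions made up for illustration.

```c
/* Added example, constructed for illustration.
 * Build: gcc -Wextra demo.c   (-Wextra enables -Wtype-limits) */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>	/* ssize_t */

/* Hypothetical helper: bytes read on success, negative errno on failure. */
static ssize_t func(int fail)
{
	return fail ? -EIO : 16;
}

/* The mistake from the thread: the result is stored in an unsigned type. */
static int buggy_caller(int fail)
{
	size_t ret;
	ret = func(fail);	/* -EIO wraps to a huge positive value */
	if (ret < 0)		/* always false; -Wtype-limits warns here */
		return -1;
	return 0;		/* the error path is never taken */
}

/* Corrected form: keep the signed type until the error check is done. */
static int fixed_caller(int fail)
{
	ssize_t ret;
	ret = func(fail);
	if (ret < 0)
		return -1;
	return 0;
}

/* Type-generic range check: correct for signed and unsigned arguments,
 * yet the unsigned use below also draws a -Wtype-limits warning. */
#define in_range(x, lo, hi) ((x) >= (lo) && (x) <= (hi))

static int len_ok(unsigned int len)
{
	return in_range(len, 0, 4096);
}

int main(void)
{
	printf("buggy: %d fixed: %d len_ok: %d\n", buggy_caller(1), fixed_caller(1), len_ok(100));
	return 0;
}
```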