<div dir="ltr"><div>Making the transform into a bitfield allows bitfield tests for useful facts: it can see if it is a mirror image by testing the flip bit, and check for transposition of the axes by checking the 90 degree bit. I believe this is the reason behind the desire to declare it a bitfield and I agree this is nice to have.<br><br>I really do not see the problem with allowing it to be an int argument as long as the enum value 2^31 is not used. Though I am also stumped as to why you can't change the current misused ints into uint in the protocol. It will not change the bit layout in the messages and therefore is not a protocol change.<br><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Nov 9, 2015 at 7:51 AM, Nils Chr. Brause <span dir="ltr"><<a href="mailto:nilschrbrause@gmail.com" target="_blank">nilschrbrause@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<div><div class="h5"><br>
On Mon, Nov 9, 2015 at 4:35 PM, Pekka Paalanen <<a href="mailto:ppaalanen@gmail.com">ppaalanen@gmail.com</a>> wrote:<br>
> On Mon, 9 Nov 2015 15:38:22 +0100<br>
> "Nils Chr. Brause" <<a href="mailto:nilschrbrause@gmail.com">nilschrbrause@gmail.com</a>> wrote:<br>
><br>
>> Hi,<br>
>><br>
>> On Mon, Nov 9, 2015 at 2:49 PM, Pekka Paalanen <<a href="mailto:ppaalanen@gmail.com">ppaalanen@gmail.com</a>> wrote:<br>
>> > On Mon, 9 Nov 2015 12:54:00 +0100<br>
>> > "Nils Chr. Brause" <<a href="mailto:nilschrbrause@gmail.com">nilschrbrause@gmail.com</a>> wrote:<br>
>> ><br>
>> >> Hi,<br>
>> >><br>
>> >> On Mon, Nov 9, 2015 at 12:04 PM, Pekka Paalanen <<a href="mailto:ppaalanen@gmail.com">ppaalanen@gmail.com</a>> wrote:<br>
>> >> > On Fri, 6 Nov 2015 16:05:10 +0100<br>
>> >> > "Nils Chr. Brause" <<a href="mailto:nilschrbrause@gmail.com">nilschrbrause@gmail.com</a>> wrote:<br>
>> >> ><br>
>> >> >> Hi,<br>
>> >> >><br>
>> >> >> On Fri, Nov 6, 2015 at 3:48 PM, Auke Booij <<a href="mailto:auke@tulcod.com">auke@tulcod.com</a>> wrote:<br>
>> >> >> > On 6 November 2015 at 13:03, Nils Christopher Brause<br>
>> >> >> > <<a href="mailto:nilschrbrause@gmail.com">nilschrbrause@gmail.com</a>> wrote:<br>
>> >> >> >> The enumeration wl_output.transform is clearly a bitfield.<br>
>> >> >> >> The definition of a bitfield is that each bit has a distinct<br>
>> >> >> >> meaning. This is clearly the case in the enumeration<br>
>> >> >> >> wl_output.transform:<br>
>> >> >> >><br>
>> >> >> >> - bit 0: rotate by 90 degree<br>
>> >> >> >> - bit 1: rotate by 180 degree<br>
>> >> >> >> - bit 2: flip around vertical axis<br>
>> ><br>
>> >> >> >> Therefore the bitfield="true" attribute has been added to<br>
>> >> >> >> the enumeration declaration. Since this bitfield is<br>
>> >> >> >> transferred as signed integer, the scanner had to be<br>
>> >> >> >> modified to accept that behaviour. This was also noted in<br>
>> >> >> >> the documentation.<br>
>> >> >> ><br>
>> >> >> > As I made clear in our previous discusions, I don't think that it is a<br>
>> >> >> > safe idea to allow signed integers to be bitfields. Requiring<br>
>> >> >> > unsignedness is a sanity check. So I would not like this patch, if<br>
>> >> >> > only for the reason that it invalidates this check.<br>
>> >> >><br>
>> >> >> I don't see why the signedness should even matter. A bitfield doesn't<br>
>> >> >> have a numerical value after all. It is just a collection of bits.<br>
>> >> ><br>
>> >> > I totally agree with Auke here.<br>
>> >> ><br>
>> >> > Let's reject this patch. It's just one more historical accident we have<br>
>> >> > to live with.<br>
>> >><br>
>> >> I still got no explaination why the signdness of a bitfield that has no<br>
>> >> numerical meaning even matters. (Rasons like "it feels natural" aside.)<br>
>> >> It is totally irrelavant whether a collection of bits is marked as signed or<br>
>> >> as unsigned. Therefore there is no sensible reason to reject this patch.<br>
>> ><br>
>> > Hi,<br>
>> ><br>
>> > my motivation comes from C.<br>
>> ><br>
>> > A single-bit signed bitfield can have values 0 and -1, not 1, which is<br>
>> > somewhat surprising. This is a small reason that promotes the<br>
>> > convention that all bitfields should be unsigned. Of course, this is<br>
>> > the C bit field feature, which is not very relevant here, except just<br>
>> > having the same name.<br>
>> ><br>
>> > Another reason I can think of is conversions between different sized<br>
>> > types. Signed values usually undergo sign extension, which can be a<br>
>> > surprise when you are only thinking about bits.<br>
>> ><br>
>> > Maybe the most relevant ones are this:<br>
>> ><br>
>> > "Right shift of a negative signed number has<br>
>> > implementation-defined behaviour."<br>
>> ><br>
>> > and:<br>
>> ><br>
>> > "A left shift, if the number either starts out negative, or the<br>
>> > shift operation would shift a 1 either to or beyond the sign<br>
>> > bit, has undefined behaviour (as do most operations on signed<br>
>> > values which cause an overflow)."<br>
>> ><br>
>> > - <a href="http://stackoverflow.com/questions/4009885/arithmetic-bit-shift-on-a-signed-integer" rel="noreferrer" target="_blank">http://stackoverflow.com/questions/4009885/arithmetic-bit-shift-on-a-signed-integer</a><br>
>> ><br>
>> > I wasn't really even aware of these two until I looked them up.<br>
>> ><br>
>> > For me all this belongs in the same category as the convention to<br>
>> > always use signed types when you are going to do arithmetics, rather<br>
>> > than using unsigned types only sometimes when you know you cannot have<br>
>> > negative values for certain input variables but do have negatives for<br>
>> > others. Mixing signed and unsigned types in arithmetic is error prone,<br>
>> > so the convention is there to let programmers think less and also avoid<br>
>> > compiler-specific or undefined behaviour.<br>
>> ><br>
>> ><br>
>> > Thanks,<br>
>> > pq<br>
>><br>
>> While I can see your motivation behind having bitfields only in a<br>
>> unsigned integer,<br>
>> none of your concers are actually relevant here, because the wl_output.transform<br>
>> bitfield is already a signed integer. Therefore a C programmer already has to be<br>
>> aware of the issues you have mentioned. Also I am not changing the C API.<br>
><br>
> That is the very reason why it should not be marked as a bitfield.<br>
><br>
> If you mark it as a bitfield, it encourages the use of bit-wise logic<br>
> ops. The data type is still signed. That is like knowingly luring<br>
> programmers into a trap.<br>
<br>
</div></div>To be honest, I expect a programmer who wants to use the Wayland C API<br>
directly (rather than using QT or the like) to be smart enough to be aware of<br>
that. Any decent programmer would only use AND, OR, XOR and NOT with<br>
bitfields, which are toatally safe with signed integers.<br>
<span class=""><br>
> You easily avoid the pitfalls by handling it as an enum, not a bitfield.<br>
><br>
> This is also the rationale behind the decision to require that<br>
> bitfields must be unsigned. The convention goes both ways: bitfield<br>
> must be unsigned, and signed must not be a bitfield.<br>
><br>
>> This patch improves the documentation as it marks every bitfield as such<br>
>> and it improves the usability of non-C language bindings. :)<br>
><br>
> We can argue whether it is a bitfield or not. There is certainly no<br>
> requirement to handle it as a bitfield as all possible "combinations"<br>
> are easily enumerated: there are only eight, and they are all listed<br>
> explicitly. Furthermore, all bits are part of the same thing:<br>
> transformation. There are no bits that would not affect the thing you<br>
> compute from any of the other bits.<br>
<br>
</span>In my definition of a bitfield, it is one. See above.<br>
<span class=""><br>
> If we ever get the open/closed notation, this would be a closed enum.<br>
><br>
> However, all the above argumentation pales when we look at what doing<br>
> what you suggest would require: either throwing away the requirement<br>
> for uint bitfields completely, or hardcoding an exception. To me, both<br>
> are far far too heavy solutions to a problem that is minor at most.<br>
<br>
</span>While I do not agree with you, I will accept your decision and add an exception<br>
to the scanner of the C++ bindings to deal with this defect in the protocol XML.<br>
<br>
> Thanks,<br>
> pq<br>
<div class="HOEnZb"><div class="h5"><br>
Cheers,<br>
Nils<br>
_______________________________________________<br>
wayland-devel mailing list<br>
<a href="mailto:wayland-devel@lists.freedesktop.org">wayland-devel@lists.freedesktop.org</a><br>
<a href="http://lists.freedesktop.org/mailman/listinfo/wayland-devel" rel="noreferrer" target="_blank">http://lists.freedesktop.org/mailman/listinfo/wayland-devel</a><br>
</div></div></blockquote></div><br></div>