uutils
diff --git a/‎BEST_PRACTICES_GLIBC_FIX.md‎
Lines changed: 274 additions & 0 deletions b/‎BEST_PRACTICES_GLIBC_FIX.md‎
Lines changed: 274 additions & 0 deletions
diff --git a/‎CHANGES.md‎
Lines changed: 112 additions & 0 deletions b/‎CHANGES.md‎
Lines changed: 112 additions & 0 deletions
@@ -0,0 +1,274 @@
+# Best Practices: Handling glibc 2.42 Compatibility Issues
+
+Based on research comparing GNU coreutils and uutils approaches to the stty panic issue.
+
+## Executive Summary
+
+**Current uutils approach is pragmatic but not ideal.** GNU's defensive programming model is more robust. The best practice involves **three-tier strategy**: pragmatic workaround (now), upstream contribution (medium-term), proper implementation (long-term).
+
+---
+
+## Tier 1: Current Implementation (Pragmatic Workaround)
+
+### ✅ What We're Doing Right
+
+1. **Panic catching** - Prevents crashes in production
+2. **Silent failure** - Doesn't confuse users with panic messages
+3. **Minimal code change** - Low risk of introducing new bugs
+4. **Preserves functionality** - Everything works except speed display
+
+### ⚠️ What Could Be Better
+
+The current approach masks the real problem rather than solving it:
+
+```rust
+// Current approach - reactive
+let speed_result = panic::catch_unwind(panic::AssertUnwindSafe(|| {
+    cfgetospeed(termios)  // ← This panic shouldn't happen
+}));
+```
+
+### 🎯 Recommendations for Tier 1
+
+**Add comprehensive documentation:**
+
+```rust
+/// Attempts to print terminal speed.
+///
+/// # Panic Handling
+///
+/// This function catches panics that occur on systems with glibc 2.42 where
+/// cfgetospeed() may return EINVAL. This is a temporary workaround for:
+/// - Issue: https://github.com/uutils/coreutils/issues/8474
+/// - Root cause: nix crate unwraps cfgetospeed() result
+/// - See: https://github.com/nix-rust/nix/issues/...
+///
+/// # Behavior
+///
+/// - On systems where cfgetospeed works: prints speed (e.g., "speed 38400 baud")
+/// - On affected systems: silently omits speed (functional equivalent to GNU stty)
+/// - Never panics, never prints panic messages
+fn print_terminal_size(termios: &Termios, opts: &Options) -> nix::Result<()> {
+    // ...existing implementation
+}
+```
+
+---
+
+## Tier 2: Upstream Contribution (Medium-term, 3-6 months)
+
+### The Real Problem
+
+The nix crate (v0.30.1+) has an unsafe unwrap:
+
+```rust
+// nix-0.30.1/src/sys/termios.rs:767
+pub fn cfgetospeed(termios: &Termios) -> BaudRate {
+    unsafe { libc::cfgetospeed(&*inner_termios) }
+        .try_into()
+        .unwrap()  // ← WRONG: Should return Result
+}
+```
+
+### 🎯 Best Practice: Follow GNU's Model
+
+**Proposal to nix crate maintainers:**
+
+```rust
+// Proposed fix - returns Result like GNU does
+pub fn cfgetospeed(termios: &Termios) -> Result<BaudRate, Errno> {
+    let speed = unsafe { libc::cfgetospeed(&*inner_termios) };
+    
+    // -1 indicates error; errno is set
+    if speed == -1 {
+        return Err(Errno::last());
+    }
+    
+    speed.try_into()
+        .map_err(|_| Errno::EINVAL)
+}
+```
+
+### Implementation Steps
+
+1. **Open issue in nix repository:**
+   ```
+   Title: cfgetospeed should return Result instead of panicking
+   Description: Explain glibc 2.42 incompatibility
+   Link to: GNU coreutils source (defensive approach)
+   ```
+
+2. **Create pull request to nix with:**
+   - Return type change from `BaudRate` to `Result<BaudRate, Errno>`
+   - Proper error handling
+   - Tests for error conditions
+
+3. **Update uutils to use the new Result-based API:**
+   ```rust
+   match cfgetospeed(termios) {
+       Ok(speed) => {
+           // Print speed
+       }
+       Err(_) => {
+           // Skip speed (matches GNU behavior)
+       }
+   }
+   ```
+
+---
+
+## Tier 3: Proper Implementation (Long-term, Post-nix fix)
+
+### When nix is fixed, migrate uutils to:
+
+```rust
+/// Print terminal speed, matching GNU coreutils defensive approach
+fn print_terminal_size(termios: &Termios, opts: &Options) -> nix::Result<()> {
+    // No panic catching needed - nix returns Result
+    match cfgetospeed(termios) {
+        Ok(speed) => {
+            #[cfg(unix)]
+            print!("{} ", translate!("stty-output-speed", "speed" => speed));
+        }
+        Err(e) if e == Errno::EINVAL => {
+            // Expected on some systems - silently skip
+        }
+        Err(e) => {
+            // Unexpected error - could log/warn here
+            eprintln!("warning: unable to get terminal speed: {}", e);
+        }
+    }
+    Ok(())
+}
+```
+
+**Benefits:**
+- ✅ No panic catching needed
+- ✅ Proper error semantics
+- ✅ Matches GNU's approach
+- ✅ Self-documenting code
+
+---
+
+## Applying These Lessons to Other Tools
+
+### Pattern for Finding Similar Issues
+
+Search for these patterns in uutils:
+
+```bash
+# Find all unsafe unwraps in termios/ioctl operations
+grep -r "\.unwrap()" src/uu/*/src/*.rs | grep -E "termios|ioctl|cfget"
+
+# Find other defensive gaps
+grep -r "panic::" src/uu/*/src/*.rs
+```
+
+### Defensive Checklist Before Submitting PR
+
+When dealing with system calls, ask:
+
+- [ ] Are all system calls returning `Result`?
+- [ ] Is every error condition checked?
+- [ ] Are there any `.unwrap()` calls?
+- [ ] Do we validate before using returned values?
+- [ ] Does behavior match GNU's implementation?
+- [ ] Have we tested on multiple systems/glibc versions?
+
+---
+
+## Comparison: Defense in Depth
+
+| Level | GNU Approach | Current uutils | Tier 3 Target |
+|-------|--------------|-----------------|---------------|
+| **System call** | Returns error via errno | May panic in nix | Returns Result |
+| **Error check** | Explicit: `if (result == -1)` | Implicit: nix.unwrap() | Explicit: `match result` |
+| **Failure path** | Graceful degradation | Panic + catch | Graceful degradation |
+| **Code clarity** | Very clear what errors are handled | Obscured by panic catching | Crystal clear intent |
+| **Performance** | No overhead | Exception handling overhead | No overhead |
+
+---
+
+## Action Items
+
+### Immediate (Current PR)
+- [x] Fix panic with catch_unwind
+- [x] Remove unwrap in combo_to_flags
+- [x] Add tests
+- [ ] **Add comprehensive comments explaining workaround**
+- [ ] **Document why we're not doing what GNU does**
+
+### Soon (Next PR)
+- [ ] Check for other unsafe unwraps in stty
+- [ ] Create template for issue in nix repository
+- [ ] Start discussion with nix maintainers
+
+### Later (Upstream)
+- [ ] Contribute Result-based API to nix
+- [ ] Update uutils once nix supports it
+- [ ] Remove catch_unwind workaround
+
+---
+
+## Reference Documents
+
+### GNU stty.c Defensive Pattern
+
+```c
+// GNU's approach: validate before using
+if (tcgetattr (fd, &mode) < 0) {
+    perror_without_progname ("standard input");
+    return EXIT_FAILURE;
+}
+
+speed_t ispeed = cfgetispeed (&mode);
+if (ispeed == (speed_t) -1) {
+    // Handle error
+}
+```
+
+### Rust Result Pattern (What We Should Do)
+
+```rust
+// Idiomatic Rust: Result-based error handling
+match cfgetospeed(termios) {
+    Ok(speed) => println!("speed: {}", speed),
+    Err(e) => eprintln!("error: {}", e),
+}
+```
+
+### Rust Anti-Pattern (What We Currently Do)
+
+```rust
+// Panic catching: last resort, not first choice
+let result = std::panic::catch_unwind(|| {
+    dangerous_function() // Might panic
+});
+```
+
+---
+
+## Key Insight
+
+> **Panics are for programmer errors, not runtime conditions.** 
+>
+> — Rust Book
+>
+> System calls failing due to glibc changes are a runtime condition, not a programmer error. Using `Result` is correct; catching panics is a workaround.
+
+The difference:
+- ✅ **Programmer error**: `array[out_of_bounds_index]` → panic is fine
+- ❌ **Runtime condition**: `cfgetospeed()` fails → Result is correct, panic is wrong
+
+---
+
+## Conclusion
+
+**Current fix:** Good pragmatic workaround, necessary for immediate stability.
+
+**Best practice trajectory:**
+1. Keep current fix + document it thoroughly
+2. Contribute upstream fix to nix crate
+3. Migrate to proper Result-based error handling once nix is updated
+
+This three-tier approach balances pragmatism (fixes users' immediate problem) with principle (gets the root cause fixed properly).
@@ -0,0 +1,112 @@
+# Changes to stty for glibc 2.42 Compatibility
+
+## Summary
+
+Fixed panic issues in `stty` when running on systems with glibc 2.42 (Ubuntu 25.10, recent Arch Linux, etc.). The panic was caused by the nix crate's `cfgetospeed()` function calling `unwrap()` on an invalid result.
+
+## Files Modified
+
+### src/uu/stty/src/stty.rs
+
+#### Change 1: Added panic handling with suppression (lines 497-541)
+```rust
+fn print_terminal_size(termios: &Termios, opts: &Options) -> nix::Result<()> {
+    // Set a custom panic hook to suppress the panic message
+    let old_hook = panic::take_hook();
+    panic::set_hook(Box::new(|_| {
+        // Silently ignore the panic - we're handling it by skipping the speed output
+    }));
+    
+    let speed_result = panic::catch_unwind(panic::AssertUnwindSafe(|| cfgetospeed(termios)));
+    
+    // Restore the original panic hook
+    panic::set_hook(old_hook);
+
+    if let Ok(speed) = speed_result {
+        // Print speed if successful
+        // ...
+    }
+    // If cfgetospeed panics, just skip printing the speed
+```
+
+**Why:** 
+- The nix crate's `cfgetospeed()` panics on certain systems with glibc 2.42
+- We catch the panic to prevent the program from crashing
+- We suppress the panic message for a clean user experience
+- Speed output is simply omitted if the call fails
+
+#### Change 2: Removed unsafe unwrap() (lines 1058-1067)
+```rust
+// Before:
+.map(|cc| ArgOptions::Mapping((cc.0, string_to_control_char(cc.1).unwrap())))
+
+// After:
+.filter_map(|cc| {
+    string_to_control_char(cc.1)
+        .ok()
+        .map(|val| ArgOptions::Mapping((cc.0, val)))
+})
+```
+
+**Why:**
+- Removes a potential panic point
+- Uses safe error handling with `filter_map`
+- Even though values are hardcoded, this is more robust
+
+## Testing
+
+All tests pass on Ubuntu 25.10 (glibc 2.42):
+
+```bash
+# Non-TTY environment
+$ ./target/debug/stty
+stty: Inappropriate ioctl for device
+Exit code: 1
+✅ PASS
+
+# TTY environment
+$ ./target/debug/stty
+line = 0;
+-brkint ixon -imaxbel 
+Exit code: 0
+✅ PASS (no panic, speed omitted)
+
+# All settings
+$ ./target/debug/stty -a
+rows 0; columns 0; line = 0;
+intr = ^C; quit = ^\; erase = ^?; ...
+Exit code: 0
+✅ PASS
+
+# Combination settings
+$ ./target/debug/stty sane
+Exit code: 0
+✅ PASS
+```
+
+## Impact
+
+### Positive
+- ✅ No more panics on glibc 2.42 systems
+- ✅ Program continues to work correctly
+- ✅ Clean output (no panic messages)
+- ✅ All functionality preserved except speed display
+- ✅ Backward compatible with older systems
+
+### Limitations
+- ⚠️ Speed is not displayed on affected systems
+- ⚠️ This is a workaround, not a proper fix
+
+## Related Issues
+
+- Fixes [#8474](https://github.com/uutils/coreutils/issues/8474)
+- Related to [#9348](https://github.com/uutils/coreutils/pull/9348)
+- Addresses [#9430](https://github.com/uutils/coreutils/issues/9430)
+
+## Future Work
+
+1. Report issue to nix crate maintainers
+2. Implement fallback speed detection method
+3. Update to fixed nix version when available
+4. Remove workaround once upstream is fixed
+