Date:      Thu, 11 Jan 2018 08:47:16 -0700
From:      Warner Losh <imp@bsdimp.com>
To:        Dimitry Andric <dim@freebsd.org>
Cc:        Ed Schouten <ed@nuxi.nl>, Eitan Adler <lists@eitanadler.com>,  FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: 1 << 31 redux
Message-ID:  <CANCZdfqcmaW21K=SJz5yRbZE56njQNF6gYhLu17qMumggqA3Cw@mail.gmail.com>
In-Reply-To: <CA37BE71-935C-4349-AFEF-B98160460FFE@FreeBSD.org>
References:  <CAF6rxg=GbfpBfPAAJg0RvpMrWW8p%2B0Ayf_Zd9i7Em2kOijFCjA@mail.gmail.com> <CABh_MKmy3ojYO3M6YwH2wWrEp5a4C-o2XC1icN%2BNj3GDo4f%2BZA@mail.gmail.com> <CA37BE71-935C-4349-AFEF-B98160460FFE@FreeBSD.org>

On Thu, Jan 11, 2018 at 6:37 AM, Dimitry Andric <dim@freebsd.org> wrote:

> On 11 Jan 2018, at 13:05, Ed Schouten <ed@nuxi.nl> wrote:
> >
> > 2018-01-11 13:03 GMT+01:00 Eitan Adler <lists@eitanadler.com>:
> >> I'd also like to see if we could find some more general solution, be it a
> >> compiler warning, bit set macro, or otherwise.
> >
> > Does Clang already offer a warning for this? If so, we should consider
> > adding it to WARNS=6.
>
> There is a -Wshift-sign-overflow flag, but it isn't enabled by default:
>
> $ clang -Wshift-sign-overflow -c bar.c
> bar.c:1:26: warning: signed shift result (0x80000000) sets the sign bit of
> the shift expression's type ('int') and becomes negative
> [-Wshift-sign-overflow]
> int bar(void) { return 1 << 31; }
>                        ~ ^  ~~
>
> I would expect quite a lot of stuff to break if you enable it, though. :)
>
> And of course, there is -fsanitize=undefined, which can catch this kind
> of thing at runtime.
>

If we can't get people to fix the warnings we have in the tree now
(especially the kernel), why enable new warnings that will just be ignored?

Warner
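
An added example, not part of the thread and not FreeBSD code: the "bit set macro" option raised in the quoted discussion, written with an unsigned operand so bit 31 is set without signed overflow, beside what happens when the negative value described in the clang diagnostic is widened to 64 bits. `BIT32` and the function names are hypothetical, and a 32-bit `int` is assumed.

```c
#include <inttypes.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical macro name. The operand is unsigned, so shifting a one
 * into bit 31 is well defined and never produces a negative value. */
#define BIT32(n) (UINT32_C(1) << (n))

/* Range-checked form: a shift count >= 32 is undefined even for
 * unsigned operands, so out-of-range requests yield an empty mask. */
static uint32_t bit32_checked(unsigned n)
{
    return n < 32 ? BIT32(n) : 0;
}

/* The diagnostic says the signed result "becomes negative". With a
 * 32-bit int (assumption) that value is INT_MIN; converting it to a
 * 64-bit unsigned type sign-extends and sets the upper 32 bits too.
 * INT_MIN is used directly so this function contains no undefined shift. */
static uint64_t widen_signed_top_bit(void)
{
    int v = INT_MIN;
    return (uint64_t)v;
}

/* The unsigned macro widens to exactly one set bit. */
static uint64_t widen_unsigned_top_bit(void)
{
    return (uint64_t)BIT32(31);
}

int main(void)
{
    printf("signed, widened:   0x%016" PRIx64 "\n", widen_signed_top_bit());
    printf("unsigned, widened: 0x%016" PRIx64 "\n", widen_unsigned_top_bit());
    printf("BIT32(31):         0x%08" PRIx32 "\n", bit32_checked(31));
    printf("count 32:          0x%08" PRIx32 "\n", bit32_checked(32));
    return 0;
}
```

Because every shift here has an unsigned left operand, the file builds without the `-Wshift-sign-overflow` diagnostic quoted above.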


