On 22/08/2019 21:39, Mauro Carvalho Chehab wrote:
> [PATCH 6/7] media: don't do an unsigned int with a 31 bit shift
s/unsigned int/signed int ?
(See below as well.)
> Doing something like:
>
> i32 foo = 1, bar;
>
> bar = foo << 31;
For my information, why did you split the expression over two lines,
instead of just using 1 << 31 in the example above?
(Most of the cases fixed involve a literal 1)
I.e. why didn't you just say "1 << 31 has undefined behavior" ?
Maybe patch subject can also be changed to "Don't use 1 << foo" ?
> has an undefined behavior in C, as warned by cppcheck, as we're
> shifting a signed integer.
Not quite right. Shifting a signed integer is well-defined in some cases.
See paragraph 4 below. For example, 1 << 8 always resolves to 256.
6.5.7 Bitwise shift operators
1 Syntax
shift-expression:
additive-expression
shift-expression << additive-expression
shift-expression >> additive-expression
2 Constraints
Each of the operands shall have integer type.
3 Semantics
The integer promotions are performed on each of the operands. The type of
the result is
that of the promoted left operand. If the value of the right operand is
negative or is
greater than or equal to the width of the promoted left operand, the
behavior is undefined.
4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated bits
are filled with
zeros. If E1 has an unsigned type, the value of the result is E1 x 2^E2 ,
reduced modulo
one more than the maximum value representable in the result type. If E1 has
a signed
type and non-negative value, and E1 x 2^E2 is representable in the result
type, then that is
the resulting value; otherwise, the behavior is undefined.
5 The result of E1 >> E2 is E1 right-shifted E2 bit positions. If E1 has an
unsigned type
or if E1 has a signed type and a non-negative value, the value of the
result is the integral
part of the quotient of E1 / 2^E2 . If E1 has a signed type and a negative
value, the
resulting value is implementation-defined.
> Instead, force the numbers to be unsigned, in order to solve this
> issue.
>
> Signed-off-by: Mauro Carvalho Chehab <[email protected]>
> ---
> drivers/media/dvb-frontends/cx24123.c | 2 +-
> drivers/media/pci/bt8xx/bttv-input.c | 4 ++--
> drivers/media/pci/cx18/cx18-ioctl.c | 2 +-
> drivers/media/pci/ivtv/ivtv-driver.c | 2 +-
> drivers/media/pci/ivtv/ivtv-ioctl.c | 4 ++--
> drivers/media/pci/solo6x10/solo6x10-gpio.c | 6 +++---
> drivers/media/platform/exynos4-is/mipi-csis.c | 6 +++---
> drivers/media/platform/fsl-viu.c | 2 +-
> drivers/media/platform/mx2_emmaprp.c | 2 +-
> drivers/media/platform/pxa_camera.c | 4 ++--
> drivers/media/platform/qcom/venus/core.c | 2 +-
> drivers/media/platform/s5p-jpeg/jpeg-regs.h | 10 +++++-----
> drivers/media/platform/s5p-mfc/s5p_mfc_opr_v5.c | 4 ++--
> drivers/media/platform/s5p-mfc/s5p_mfc_opr_v6.c | 2 +-
> drivers/media/radio/radio-gemtek.c | 2 +-
> drivers/media/usb/dvb-usb-v2/gl861.c | 2 +-
> drivers/media/usb/pvrusb2/pvrusb2-hdw.c | 14 +++++++-------
> drivers/media/usb/pvrusb2/pvrusb2-v4l2.c | 4 ++--
> drivers/media/v4l2-core/v4l2-ioctl.c | 2 +-
> 19 files changed, 38 insertions(+), 38 deletions(-)
>
> diff --git a/drivers/media/dvb-frontends/cx24123.c
> b/drivers/media/dvb-frontends/cx24123.c
> index ac519c3eff18..3d84ee17e54c 100644
> --- a/drivers/media/dvb-frontends/cx24123.c
> +++ b/drivers/media/dvb-frontends/cx24123.c
> @@ -431,7 +431,7 @@ static u32 cx24123_int_log2(u32 a, u32 b)
> u32 div = a / b;
> if (a % b >= b / 2)
> ++div;
> - if (div < (1 << 31)) {
> + if (div < (1UL << 31)) {
> for (exp = 1; div > exp; nearest++)
> exp += exp;
> }
Did you pick unsigned long (rather than unsigned) because that's what is used
in the BIT macro? My concern is that UL is 64-bit wide on some platforms, and
when used in arithmetic expressions, compiler might generate worse code.
Regards.
