On 5 June 2015 at 16:20, Paolo Bonzini <pbonz...@redhat.com> wrote:
>
>
> On 05/06/2015 17:08, Peter Maydell wrote:
>>> > Can someone add a checkpatch rule that forbids shifting left U or UL
>>> > constants (i.e. only ULL)?  That would alleviate my concerns with these
>>> > ubsan warnings.
>>
>> ...but things like "(1U << 31)" are entirely valid.
>
> They're only valid until someone does a ~ on them.  I think it's
> reasonable to forbid them in our coding standards, if we want to fix
> ubsan's warning of (1 << 31).
>
> I don't think it's reasonable for compiler writers to exploit the
> undefinedness of (1 << 31) anyway, and if it were possible to shut up
> ubsan about this particular kind of undefined behavior, I would prefer it.

I don't think it's reasonable for compiler writers to exploit
undefined behaviour either, but historically they absolutely
have done. Absent a guarantee from gcc that it will never do
so, I think we should avoid any UB in our code.

There's also the usual rationale that it's worth fixing the
borderline things that provoke complaints from lint-like tools
in order that new warnings don't get lost in the pile of old
uninteresting warnings.

thanks
-- PMM
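An added illustration of the point argued above (my example, not code from the thread or from QEMU): why "(1U << 31)" looks valid until someone applies ~ to it, and why the ULL spelling behaves differently. It assumes the usual LP64/ILP32 widths, i.e. a 32-bit int and unsigned int and a 64-bit value being masked; the constant 1 << 31 itself is deliberately not evaluated, since for a 32-bit int it overflows and is the undefined behaviour ubsan reports.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: unsigned int is 32 bits, so 1U << 31 is a well-defined value
 * (0x80000000) while 1 << 31 would overflow a signed int (undefined). */

/* Clearing bit 31 of a 64-bit value with a 32-bit unsigned mask.
 * The ~ is evaluated in 32 bits (0x7FFFFFFF); converting that to uint64_t
 * zero-extends it, so bits 32..63 of v are silently cleared as well. */
uint64_t clear_bit31_u(uint64_t v)
{
    return v & ~(1U << 31);
}

/* Same intent with an unsigned long long constant: ~ is evaluated in
 * 64 bits (0xFFFFFFFF7FFFFFFF) and only bit 31 is cleared. */
uint64_t clear_bit31_ull(uint64_t v)
{
    return v & ~(1ULL << 31);
}

/* Setting bit 31 works with either width, which is why "(1U << 31)"
 * reads as entirely valid on its own: the problem only appears under ~. */
uint64_t set_bit31_u(uint64_t v)
{
    return v | (1U << 31);
}

uint64_t set_bit31_ull(uint64_t v)
{
    return v | (1ULL << 31);
}

int main(void)
{
    /* Constructed sample value: all 64 bits set, so any lost bits show up. */
    uint64_t v = 0xFFFFFFFFFFFFFFFFULL;

    printf("v & ~(1U << 31)   = 0x%016llx\n",
           (unsigned long long)clear_bit31_u(v));
    printf("v & ~(1ULL << 31) = 0x%016llx\n",
           (unsigned long long)clear_bit31_ull(v));
    return 0;
}
```

Both set_bit31 variants produce the same result on a zero input, which is the "valid" case Peter points at; the clear_bit31 pair is the case Paolo points at, where the U spelling wipes the upper half of a 64-bit register value and the ULL spelling does not.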
