From: Marc Gonzalez <marc.w.gonzalez@free.fr>
To: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Cc: linux-media <linux-media@vger.kernel.org>
Subject: Re: [PATCH 6/7] media: don't do an unsigned int with a 31 bit shift
Date: Fri, 23 Aug 2019 11:08:15 +0200 [thread overview]
Message-ID: <82b06099-f652-47e9-99b9-3bd3ec197a4e@free.fr> (raw)
In-Reply-To: <1a78a757b37d2628312e1d56d7a741ba89d42a91.1566502743.git.mchehab+samsung@kernel.org>
On 22/08/2019 21:39, Mauro Carvalho Chehab wrote:
> [PATCH 6/7] media: don't do an unsigned int with a 31 bit shift
s/unsigned int/signed int ?
(See below as well.)
> Doing something like:
>
> i32 foo = 1, bar;
>
> bar = foo << 31;
For my information, why did you split the expression over two lines,
instead of just using 1 << 31 in the example above?
(Most of the cases fixed involve a literal 1)
I.e. why didn't you just say "1 << 31 has undefined behavior" ?
Maybe patch subject can also be changed to "Don't use 1 << foo" ?
> has an undefined behavior in C, as warned by cppcheck, as we're
> shifting a signed integer.
Not quite right. Shifting a signed integer is well-defined in some cases.
See paragraph 4 below. For example, 1 << 8 always resolves to 256.
6.5.7 Bitwise shift operators
1 Syntax
shift-expression:
additive-expression
shift-expression << additive-expression
shift-expression >> additive-expression
2 Constraints
Each of the operands shall have integer type.
3 Semantics
The integer promotions are performed on each of the operands. The type of the result is
that of the promoted left operand. If the value of the right operand is negative or is
greater than or equal to the width of the promoted left operand, the behavior is undefined.
4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated bits are filled with
zeros. If E1 has an unsigned type, the value of the result is E1 x 2^E2 , reduced modulo
one more than the maximum value representable in the result type. If E1 has a signed
type and non-negative value, and E1 x 2^E2 is representable in the result type, then that is
the resulting value; otherwise, the behavior is undefined.
5 The result of E1 >> E2 is E1 right-shifted E2 bit positions. If E1 has an unsigned type
or if E1 has a signed type and a non-negative value, the value of the result is the integral
part of the quotient of E1 / 2^E2 . If E1 has a signed type and a negative value, the
resulting value is implementation-defined.
> Instead, force the numbers to be unsigned, in order to solve this
> issue.
>
> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
> ---
> drivers/media/dvb-frontends/cx24123.c | 2 +-
> drivers/media/pci/bt8xx/bttv-input.c | 4 ++--
> drivers/media/pci/cx18/cx18-ioctl.c | 2 +-
> drivers/media/pci/ivtv/ivtv-driver.c | 2 +-
> drivers/media/pci/ivtv/ivtv-ioctl.c | 4 ++--
> drivers/media/pci/solo6x10/solo6x10-gpio.c | 6 +++---
> drivers/media/platform/exynos4-is/mipi-csis.c | 6 +++---
> drivers/media/platform/fsl-viu.c | 2 +-
> drivers/media/platform/mx2_emmaprp.c | 2 +-
> drivers/media/platform/pxa_camera.c | 4 ++--
> drivers/media/platform/qcom/venus/core.c | 2 +-
> drivers/media/platform/s5p-jpeg/jpeg-regs.h | 10 +++++-----
> drivers/media/platform/s5p-mfc/s5p_mfc_opr_v5.c | 4 ++--
> drivers/media/platform/s5p-mfc/s5p_mfc_opr_v6.c | 2 +-
> drivers/media/radio/radio-gemtek.c | 2 +-
> drivers/media/usb/dvb-usb-v2/gl861.c | 2 +-
> drivers/media/usb/pvrusb2/pvrusb2-hdw.c | 14 +++++++-------
> drivers/media/usb/pvrusb2/pvrusb2-v4l2.c | 4 ++--
> drivers/media/v4l2-core/v4l2-ioctl.c | 2 +-
> 19 files changed, 38 insertions(+), 38 deletions(-)
>
> diff --git a/drivers/media/dvb-frontends/cx24123.c b/drivers/media/dvb-frontends/cx24123.c
> index ac519c3eff18..3d84ee17e54c 100644
> --- a/drivers/media/dvb-frontends/cx24123.c
> +++ b/drivers/media/dvb-frontends/cx24123.c
> @@ -431,7 +431,7 @@ static u32 cx24123_int_log2(u32 a, u32 b)
> u32 div = a / b;
> if (a % b >= b / 2)
> ++div;
> - if (div < (1 << 31)) {
> + if (div < (1UL << 31)) {
> for (exp = 1; div > exp; nearest++)
> exp += exp;
> }
Did you pick unsigned long (rather than unsigned) because that's what is used
in the BIT macro? My concern is that UL is 64-bit wide on some platforms, and
when used in arithmetic expressions, compiler might generate worse code.
Regards.
next prev parent reply other threads:[~2019-08-23 9:08 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-22 19:39 [PATCH 1/7] media: remove include stdarg.h from some drivers Mauro Carvalho Chehab
2019-08-22 19:39 ` [PATCH 2/7] media: vicodec: make life easier for static analyzers Mauro Carvalho Chehab
2019-08-22 19:39 ` [PATCH 3/7] media: aspeed-video: address a protential usage of an unit var Mauro Carvalho Chehab
2019-08-22 19:39 ` Mauro Carvalho Chehab
2019-08-26 15:12 ` Eddie James
2019-08-26 15:12 ` Eddie James
2019-08-22 19:39 ` [PATCH 4/7] media: ov9650: add a sanity check Mauro Carvalho Chehab
2019-08-23 10:33 ` Sylwester Nawrocki
2019-08-22 19:39 ` [PATCH 5/7] media: use the BIT() macro Mauro Carvalho Chehab
2019-08-22 19:39 ` Mauro Carvalho Chehab
2019-08-23 0:08 ` Laurent Pinchart
2019-08-23 0:08 ` Laurent Pinchart
2019-08-23 0:08 ` Laurent Pinchart
2019-08-23 9:47 ` [PATCH v2 " Mauro Carvalho Chehab
2019-08-23 9:47 ` Mauro Carvalho Chehab
2019-08-23 10:22 ` Sylwester Nawrocki
2019-08-23 10:22 ` Sylwester Nawrocki
2019-08-23 10:22 ` Sylwester Nawrocki
2019-08-23 12:12 ` Benoit Parrot
2019-08-23 12:12 ` Benoit Parrot
2019-08-23 12:12 ` Benoit Parrot
2019-08-23 20:45 ` Laurent Pinchart
2019-08-23 20:45 ` Laurent Pinchart
2019-08-23 20:45 ` Laurent Pinchart
2019-08-22 19:39 ` [PATCH 6/7] media: don't do an unsigned int with a 31 bit shift Mauro Carvalho Chehab
2019-08-22 19:39 ` Mauro Carvalho Chehab
2019-08-22 19:39 ` Mauro Carvalho Chehab
2019-08-23 9:08 ` Marc Gonzalez [this message]
2019-08-23 10:20 ` Mauro Carvalho Chehab
2019-08-23 11:09 ` Marc Gonzalez
2019-08-29 17:03 ` Kees Cook
2019-08-29 17:03 ` Kees Cook
2019-08-29 17:03 ` Kees Cook
2019-08-22 19:39 ` [PATCH 7/7] media: ngene: don't try to memcpy from NULL Mauro Carvalho Chehab
2019-08-22 19:43 ` Mauro Carvalho Chehab
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=82b06099-f652-47e9-99b9-3bd3ec197a4e@free.fr \
--to=marc.w.gonzalez@free.fr \
--cc=linux-media@vger.kernel.org \
--cc=mchehab+samsung@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.