From patchwork Tue Nov 17 09:59:41 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Paolo Bonzini <pbonzini@redhat.com>
X-Patchwork-Id: 545472
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 41EEF141435
	for <incoming@patchwork.ozlabs.org>;
	Tue, 17 Nov 2015 21:00:18 +1100 (AEDT)
Received: from localhost ([::1]:57074 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1Zyd3g-0007IU-Da
	for incoming@patchwork.ozlabs.org; Tue, 17 Nov 2015 05:00:16 -0500
Received: from eggs.gnu.org ([2001:4830:134:3::10]:46478)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Zyd3D-0006VC-Ev
	for qemu-devel@nongnu.org; Tue, 17 Nov 2015 04:59:51 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Zyd3A-0000bD-8o
	for qemu-devel@nongnu.org; Tue, 17 Nov 2015 04:59:47 -0500
Received: from mx1.redhat.com ([209.132.183.28]:35705)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Zyd3A-0000b9-3i
	for qemu-devel@nongnu.org; Tue, 17 Nov 2015 04:59:44 -0500
Received: from int-mx14.intmail.prod.int.phx2.redhat.com
	(int-mx14.intmail.prod.int.phx2.redhat.com [10.5.11.27])
	by mx1.redhat.com (Postfix) with ESMTPS id 577CFC100455
	for <qemu-devel@nongnu.org>; Tue, 17 Nov 2015 09:59:43 +0000 (UTC)
Received: from donizetti.redhat.com (ovpn-112-81.ams2.redhat.com
	[10.36.112.81])
	by int-mx14.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with
	ESMTP id tAH9xfnu004263
	for <qemu-devel@nongnu.org>; Tue, 17 Nov 2015 04:59:42 -0500
From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Date: Tue, 17 Nov 2015 10:59:41 +0100
Message-Id: <1447754381-29882-1-git-send-email-pbonzini@redhat.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.27
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x
X-Received-From: 209.132.183.28
Subject: [Qemu-devel] [PATCH for 2.5] QEMU does not care about left shifts
	of signed negative values
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

There's no reason for the compiler to exploit the undefinedness of left
shifts, In fact GCC explicitly documents that they do not use at all
all this possibility.  They also say this is subject to change, but
they have been saying this for 10 years (since the wording appeared in
the GCC 4.0 manual).

Any workaround for this particular case of undefined behavior uglifies
the code: using unsigned is unsafe because the value becomes positive
when extended; using -(a << b) does not express as well that the
intention is to compute -a * 2^N.

Clang has just added an obnoxious, pointless, *totally useless*, unsafe
warning about this.  It's obnoxious and pointless because the compiler
is not using the latitude that the standard gives it, so it just adds
noise.  It is useless and unsafe because it does not catch the widely
more common case where the LHS is a variable, and thus gives a false
sense of security.

The noisy nature of the warning means that it should have never been
added to -Wall.  The uselessness means that it probably should not
have even been added to -Wextra.

Document this explicitly, and shut up the stupid warning.
</rant>

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
---
 HACKING   | 4 ++++
 configure | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/HACKING b/HACKING
index 12fbc8a..ece6d5b 100644
--- a/HACKING
+++ b/HACKING
@@ -157,3 +157,7 @@ painful. These are:
  * you may assume that integers are 2s complement representation
  * you may assume that right shift of a signed integer duplicates
    the sign bit (ie it is an arithmetic shift, not a logical shift)
+
+In addition, QEMU assumes that the compiler does not use the latitude
+given in C99 and C11 to treat aspects of signed '<<' as undefined, as
+documented in the GNU Compiler Collection manual starting at version 4.0.
diff --git a/configure b/configure
index 6bfa6f5..e54c2ed 100755
--- a/configure
+++ b/configure
@@ -1428,7 +1428,7 @@ fi
 gcc_flags="-Wold-style-declaration -Wold-style-definition -Wtype-limits"
 gcc_flags="-Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers $gcc_flags"
 gcc_flags="-Wmissing-include-dirs -Wempty-body -Wnested-externs $gcc_flags"
-gcc_flags="-Wendif-labels $gcc_flags"
+gcc_flags="-Wendif-labels -Wno-shift-negative-value $gcc_flags"
 gcc_flags="-Wno-initializer-overrides $gcc_flags"
 gcc_flags="-Wno-string-plus-int $gcc_flags"
 # Note that we do not add -Werror to gcc_flags here, because that would