This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [C/C++ PATCH] Implement -Wshift-negative-value (PR c/65179)
- From: Martin Sebor <msebor at redhat dot com>
- To: Marek Polacek <polacek at redhat dot com>, GCC Patches <gcc-patches at gcc dot gnu dot org>, Jason Merrill <jason at redhat dot com>, Joseph Myers <joseph at codesourcery dot com>
- Date: Thu, 23 Apr 2015 21:11:39 -0600
- Subject: Re: [C/C++ PATCH] Implement -Wshift-negative-value (PR c/65179)
- Authentication-results: sourceware.org; auth=none
- References: <20150422183633 dot GI28950 at redhat dot com>
On 04/22/2015 12:36 PM, Marek Polacek wrote:
Currently, we warn if the right operand of a shift expression is negative,
or greater than or equal to the length in bits of the promoted left operand.
But we don't warn when we see a left shift of a negative value. That is
undefined behavior since C99 and I believe C++11, so this patch implements
a new warning, -Wshift-negative-value, only active in C99/C++11.
A bunch of tests needed tweaking; I find it scary that some vect tests are
invoking UB.
I wonder if the tests where the left shift operands are both
constants really do invoke undefined behavior in GCC. For
example, AFAICS, in (-1 << 0) and other constant expressions
gcc computes the shift in unsigned HOST_WIDE_INT which is well
defined.
It seems the warning would be more valuable (and less likely
dismissed as overly pedantic) if it was issued when the second
operand was not constant and the computation had to be done in
hardware (or even better, in hardware not known to use the
same instructions for positive and negative operands).
The warning would also be valuable in some sort of a portability
mode (with -pedantic?) where the code is intended to be portable
to implementations that don't provide well-defined semantics for
left shifts of negative values.
Martin