On Thu, Jun 13, 2024 at 02:12:20PM GMT, Paul Eggert wrote:
> Part of the issue here is that GCC and Clang often do a better job of
> warning when constants are signed, not unsigned. For example, suppose a
> program mistakenly packages termios flags along with three other bits into
> an 'unsigned long', with code like this:
>
> unsigned long
> tagged_pendin (unsigned tag)
> {
> return (PENDIN << 3) | tag;
> }
>
> Since PENDIN is 0x20000000 Clang and GCC by default warn about the mistake,
> as the signed integer overflow has undefined behavior. But if PENDIN were
> changed to 0x20000000U the behavior would be well-defined, there would be no
> warning even with -Wall -Wextra -Wsign-conversion, and the code would
> silently behave as if PENDIN were zero, which is not intended.
>
> This is another reason why appending "U" to PENDIN's value would have
> drawbacks as well as advantages.
Hmmmm, very interesting point! I'll have that in mind when doing
bitwise stuff with constants.
--
<https://www.alejandro-colomar.es/>
Attachment:
signature.asc
Description: PGP signature
