On Thu, 21 Feb 2019 22:18:56 +0300 Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> On Thu, Feb 21, 2019 at 10:54:58AM -0800, Andrew Morton wrote:
> > On Thu, 21 Feb 2019 21:38:26 +0300 Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> >
> > > We put an upper bound on "new" but we don't check for negatives.
> >
> > U8_MAX has unsigned type, so `if (new > U8_MAX)' does check for negative.
> >
>
> No, doesn't work in this case.
>
> #define U8_MAX ((u8)~0U)
>
> It would need to unsigned long for the type promotion to prevent
> negatives, but it starts as unsigned int, then unsigned char, which is
> type promoted to int.
OK.
> It would be more clear to just write it as:
>
> #define U8_MAX 0xff
That doesn't work either. Tricky.
#include <stdio.h>
typedef unsigned char u8;
#define U8_MAX 0xff
int main(int argc, char *argv[])
{
long new;
new = -20;
if (new > U8_MAX)
printf("over\n");
}
