On Sun, Jul 08, 2018 at 09:17:07PM +0000, Bart Van Assche wrote: > On Sun, 2018-07-08 at 12:42 -0600, Jason Gunthorpe wrote: > > On Sun, Jul 08, 2018 at 03:31:45PM +0000, Bart Van Assche wrote: > > > On Sun, 2018-07-08 at 13:38 +0300, Leon Romanovsky wrote: > > > > + * - 'a << s' sets the sign bit, if any, in '*d' > > > > > > Setting the highest bit is fine if a is unsigned. > > > > No, it isn't, it makes 'd' negative, which is to be considered an overflow. > > How could an *unsigned* number ever be negative? Please clarify. The comment is talking about 'd', not a. The type of a is totally irrelevant. Consider this case: u32 a = 1 int d; check_shift_overflow(a, 31, &d) == true The definition of all the overflow macros is essentially 'compute the math on infinite precision, fail if the output type cannot represent the result'. We do not have to consider the input types when performing the math, only the output type really matters. In the above, an 'int' cannot represent 1<<31, so it must fail. Jason -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
