qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Fix incorrect int->float conversions caught by clang -Wimpli

From: Fangrui Song
Subject: Re: [PATCH] Fix incorrect int->float conversions caught by clang -Wimplicit-int-float-conversion
Date: Wed, 20 Nov 2019 09:30:18 -0800
User-agent: NeoMutt/20180223-112-0c5bf3 
On 2019-11-20, Juan Quintela wrote:

Markus Armbruster <address@hidden> wrote:

Fangrui Song <address@hidden> writes:


The warning will be enabled by default in clang 10. It is not
available for clang <= 9.

qemu/migration/migration.c:2038:24: error: implicit conversion from
'long' to 'double' changes value from 9223372036854775807 to
9223372036854775808 [-Werror,-Wimplicit-int-float-conversion]
...
qemu/util/cutils.c:245:23: error: implicit conversion from 'unsigned
long' to 'double' changes value from 18446744073709550592 to
18446744073709551616 [-Werror,-Wimplicit-int-float-conversion]

Signed-off-by: Fangrui Song <address@hidden>
---
  migration/migration.c | 4 ++--
  util/cutils.c         | 4 ++--
  2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/migration/migration.c b/migration/migration.c
index 354ad072fa..ac3ea2934a 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -53,6 +53,7 @@
  #include "monitor/monitor.h"
  #include "net/announce.h"
  #include "qemu/queue.h"
+#include <math.h>

  #define MAX_THROTTLE  (32 << 20)      /* Migration transfer speed throttling 
*/

@@ -2035,11 +2036,10 @@ void qmp_migrate_set_downtime(double value, Error 
**errp)

        if (value < 0 || value > MAX_MIGRATE_DOWNTIME_SECONDS) {
            error_setg(errp, "Parameter 'downtime_limit' expects an integer in "
                             "the range of 0 to %d seconds",
                             MAX_MIGRATE_DOWNTIME_SECONDS);
            return;

      }


@value is now in [0,2000].



      value *= 1000; /* Convert to milliseconds */


@value is in [0,2000000]


-    value = MAX(0, MIN(INT64_MAX, value));


This does nothing.



      MigrateSetParameters p = {
          .has_downtime_limit = true,
-        .downtime_limit = value,
+        .downtime_limit = (int64_t)fmin(value, nextafter(0x1p63, 0)),


This does nothing and is hard to read :)

Can we simply drop the offending line statement instead?


Agreed aboutdropping the whole bussines for migration.



      };

      qmp_migrate_set_parameters(&p, errp);
diff --git a/util/cutils.c b/util/cutils.c
index fd591cadf0..2b4484c015 100644
--- a/util/cutils.c
+++ b/util/cutils.c
@@ -239,10 +239,10 @@ static int do_strtosz(const char *nptr, const char **end,
          goto out;
      }
      /*
-     * Values >= 0xfffffffffffffc00 overflow uint64_t after their trip
+     * Values > nextafter(0x1p64, 0) overflow uint64_t after their trip
       * through double (53 bits of precision).
       */
-    if ((val * mul >= 0xfffffffffffffc00) || val < 0) {
+    if ((val * mul > nextafter(0x1p64, 0)) || val < 0) {
          retval = -ERANGE;
          goto out;
      }


This comment was really bad (it says the same that the code).
On the other hand, I can *kind of* understand what does 0xffff<more
f's here>.

But I am at a complete loss about what value is:

nextafter(0x1p64, 0).

Can we put what value is that instead?


It is a C99 hexadecimal floating-point literal.
0x1p64 represents hex fraction 1.0 scaled by 2**64, that is 2**64.

We can write this as `val * mul > 0xfffffffffffff800p0`, but I feel that
counting the number of f's is error-prone and is not fun.

(We cannot use val * mul >= 0x1p64.
If FLT_EVAL_METHOD == 2, the intermediate computation val * mul will be
performed at long double precision, val * mul may not by representable
by a double and will overflow as (double)0x1p64.)
reply via email to
[Prev in Thread] Current Thread [Next in Thread]