This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



Re: changing "configure" to default to "gcc -g -O2 -fwrapv ..."


Joe Buck <Joe.Buck@synopsys.com> writes:

>> >       *hv = (HOST_WIDE_INT) -(unsigned HOST_WIDE_INT) h1;
>> 
>> Can't that conversion overflow?
>
> Not on a two's complement machine,

Sure it can.  Suppose we have a 64-bit two's complement
machine with no padding, and h1 is - 2**63.  Then (unsigned
HOST_WIDE_INT) h1 is 2**63, -(unsigned HOST_WIDE_INT) h1 is
also 2**63, and converting 2**63 to HOST_WIDE_INT overflows.

In this case C99 says the overflow results in an
implementation-defined value, or an implementation-defined
signal.  If the former, the most plausible value is - 2**63
but C99 allows other values.  If the latter, GCC will crash.
Either way, the code is "broken" -- unless you assume wrapv
semantics of course.

Even an expert like you can easily get this wrong, and this
suggests how tricky this area of Standard C really is.  Only
a tiny fraction of C programmers know how to write this sort
of code reliably and in conformance to minimal standard C.
It's little wonder that most C programmers assume wrapv
semantics in cases like this.
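
The case traced in the message above, as an added example that is not part of the original message or of GCC's source: it produces the wrapped negation without ever performing an out-of-range unsigned-to-signed conversion, and reports when the true result is unrepresentable. Assumptions: int64_t and uint64_t stand in for HOST_WIDE_INT and unsigned HOST_WIDE_INT, and the names wrap_to_signed and neg_wrap are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: stand-ins for HOST_WIDE_INT / unsigned HOST_WIDE_INT
   (64-bit, two's complement, no padding, as in the message). */
typedef int64_t hwi;
typedef uint64_t uhwi;

/* Map u to the signed value congruent to it mod 2^64, using only
   conversions whose result is fully defined by C99. */
hwi wrap_to_signed(uhwi u)
{
    if (u <= (uhwi) INT64_MAX)
        return (hwi) u;                 /* value fits: conversion is exact */
    /* u is in [2^63, 2^64-1], so UINT64_MAX - u is in [0, 2^63-1] and fits;
       -(that) - 1 is in [-2^63, -1] and never overflows. */
    return -(hwi) (UINT64_MAX - u) - 1;
}

/* Negate h1 with wraparound. *overflow is set to 1 when the mathematical
   result -h1 is not representable, which happens only for h1 == -2^63. */
hwi neg_wrap(hwi h1, int *overflow)
{
    *overflow = (h1 == INT64_MIN);
    /* Signed-to-unsigned conversion and unsigned negation are both
       defined modulo 2^64, so this step is portable. */
    return wrap_to_signed(-(uhwi) h1);
}

int main(void)
{
    /* Constructed sample inputs, including the -2**63 case from the message. */
    hwi samples[] = { 5, -7, 0, INT64_MIN };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int ov;
        hwi r = neg_wrap(samples[i], &ov);
        printf("h1=%" PRId64 " -> %" PRId64 " overflow=%d\n", samples[i], r, ov);
    }
    return 0;
}
```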

