This is the mail archive of the mailing list for the GCC project.


GCC optimizes integer overflow: bug or feature? (was: avoid integer overflow in mktime.m4)

[ Please see ]

Hello Paul, all,

Let's forward your comments and questions to the GCC list; I wasn't
aware of this topic being so disruptive:

* Paul Eggert wrote on Tue, Dec 19, 2006 at 03:06:52AM CET:
> Ralf Wildenhues <> writes:
> > the newer GCC exploits at -O2 the fact that integer overflow
> > produces undefined behavior
> Wheeeoo!  That optimization is going to break a _lot_ of GNU
> software.  (Silently.  Oh my.)
> This is a major change.  Where is it documented and discussed?  I
> don't see it listed at either
> <> or
> <>.
> We tried to do that sort of optimization in the 1990s (back when I
> was a GCC contributor), but ran into too many problems in
> real-world software.  So the optimization got removed.  RMS
> decided it was too disruptive.
> How about if we report the problem again, and get the optimization
> removed from -O2?  I don't mind having the optimization available
> on request for people who prefer speedy to reliable software, but
> it shouldn't be turned on with a mere -O2, as it breaks too much
> real-world code like mktime.c, which says:
>    /* The code also assumes that signed integer overflow silently wraps
>       around, but this assumption can't be stated without causing a
>       diagnostic on some hosts.  */
> The optimization also breaks code that assumes LIA-1 (see Annex H
> of the C99 standard).  To conform to LIA-1, if signed integer
> arithmetic does not wrap around reliably, a signal must be
> generated.
> Surely the GCC guys care about LIA-1.  After all, gcc has an
> -ftrapv option to enable reliable signal generation on signed
> overflow.  But I'd rather not go the -ftrapv route, since that
> will cause other problems.  I'd rather have signed integer
> overflow silently wrap around, as this is the traditional behavior
> and a lot of real-world code assumes this.  Is there an option to
> the new GCC to specify this?

Maybe it's also just an unintended bug I happened to observe
(and take for given behavior)?  Should I open a bugzilla entry?

The testing was done with
  gcc (GCC) 4.3.0 20061215

and I haven't tested GCC in several months before, so I have no idea
when this was introduced.

> If not, is there any way to tell the new GCC to disable this
> harmful optimization?  Maybe we can have 'configure' automatically
> generate the appropriate flag to do that.  For example, we can
> change Autoconf to default to -O1 instead of -O2.  I hope we don't
> have to be this drastic, though; I'd rather just disable the
> optimizations that cause GCC to depart from LIA-1 wraparound
> arithmetic.

> > This test hangs,
> Does the test hang forever?

No, the timeout works.
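
An added example, not part of the original message and not code from GCC, Autoconf or mktime.c: the kind of wraparound-dependent overflow test the thread is worried about, beside a form that stays defined at any optimization level. All function names are hypothetical, and the width-based maximum assumes the type has no padding bits.

```c
#include <limits.h>
#include <stdio.h>

/* Wraparound-dependent check. Signed overflow is undefined behaviour in
   ISO C, so an optimizer may assume a + b never overflows and reduce the
   comparison to a constant. Only reliable when the compiler is told to
   wrap (GCC's -fwrapv). */
static int add_overflows_wrapping(int a, int b)
{
    return b > 0 ? a + b < a : a + b > a;
}

/* Well-defined check: compare against the limits before adding, so no
   overflowing operation is ever evaluated. */
static int add_overflows_checked(int a, int b)
{
    return b > 0 ? a > INT_MAX - b : a < INT_MIN - b;
}

/* Maximum of a signed type computed from its width instead of by
   incrementing or doubling until the value "goes negative". Useful for
   types such as time_t that have no limit macro. Shown here for int;
   assumes no padding bits. */
static int int_max_from_width(void)
{
    int top = 1 << (sizeof(int) * CHAR_BIT - 2);  /* second-highest value bit */
    return (top - 1) * 2 + 1;                     /* never exceeds INT_MAX */
}

int main(void)
{
    /* Constructed inputs. The first line's result is not defined by the
       standard and may differ between -O0 and -O2. */
    printf("wrapping check (INT_MAX + 1): %d\n",
           add_overflows_wrapping(INT_MAX, 1));
    printf("checked  check (INT_MAX + 1): %d\n",
           add_overflows_checked(INT_MAX, 1));
    printf("int max from width: %d (INT_MAX %d)\n",
           int_max_from_width(), INT_MAX);
    return 0;
}
```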

