This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Autoconf manual's coverage of signed integer overflow & portability


kenner@vlsi1.ultra.nyu.edu (Richard Kenner) writes:

>> >> Many portable C programs assume that signed integer overflow wraps around
>> >> reliably using two's complement arithmetic.
>> >
>>
>> I was looking for an adjective that mean the programs work on a wide
>> variety of platforms, and "portable" seems more appropriate than
>> "widely-used".
>
> Maybe just say what you mean, then:  "Many C programs that work on a wide
> variety of platforms assume that ..."

That's too long!  I'll prepend an "In practice" instead.

> I'd suggest making it clearer that any such compiler that did that is
> noncomforming.

OK, I'll throw in a "nonstandard".

> I have to say that the idea of having a program in which
> off_t values overflow is scary

It's easy to arrange with (for example) GNU dd, which lets you specify
both the start offset and the count, and the user can make the start
as large as they like.  On an older platform with 32-bit off_t I
encountered off_t overflow myself, in a practical application.

Reliable system programs typically have to deal with signed overflows
in basic system types; it's just part of life.  It's not that scary
once you get used to it.

> As to the method, however, I disagree with suggesting it because the
> difference between compiler-generated temporaries and user temporaries is
> getting smaller and smaller. I don't think it's worked for 'double' in years.

OK, I'll suggest using unsigned instead.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]