This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Option to make unsigned->signed conversion always well-defined?

From: Ulf Magnusson <ulfalizer at gmail dot com>
To: gcc at gcc dot gnu dot org
Date: Wed, 5 Oct 2011 22:11:45 +0200
Subject: Option to make unsigned->signed conversion always well-defined?

Hi,

I've been experimenting with different methods for emulating the
signed overflow of an 8-bit CPU. The method I've found that seems to
generate the most efficient code on both ARM and x86 is

bool overflow(unsigned int a, unsigned int b) {
    const unsigned int sum = (int8_t)a + (int8_t)b;
    return (int8_t)sum != sum;
}

(The real function would probably be 'inline', of course. Regs are
stored in overlong variables, hence 'unsigned int'.)

Looking at the spec, it unfortunately seems the behavior of this
function is undefined, as it relies on signed int addition wrapping,
and that (int8_t)sum truncates bits. Is there some way to make this
guaranteed safe with GCC without resorting to inline asm? Locally
enabling -fwrap takes care of the addition, but that still leaves the
conversion.

/Ulf

Follow-Ups:
- Re: Option to make unsigned->signed conversion always well-defined?
  - From: Ulf Magnusson
- Re: Option to make unsigned->signed conversion always well-defined?
  - From: Pedro Pedruzzi
- Re: Option to make unsigned->signed conversion always well-defined?
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]