[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: integer overflow documentation
From: |
Paul Eggert |
Subject: |
Re: integer overflow documentation |
Date: |
Tue, 02 May 2006 18:10:21 -0700 |
User-agent: |
Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux) |
Thanks for catching that. I didn't know that about the x86!
I installed the following slightly-different patch, which rewords
some of the other stuff I put in earlier.
2006-05-02 Paul Eggert <address@hidden>
and Bruno Haible <address@hidden>
* doc/autoconf.texi (Integer Overflow):
Mention the special case of integer division overflow.
--- autoconf.texi.~1.1011.~ 2006-05-02 17:35:02.000000000 -0700
+++ autoconf.texi 2006-05-02 18:06:35.000000000 -0700
@@ -14267,17 +14267,23 @@ the programs work well enough in practic
@cindex overflow, arithmetic
In C, signed integer overflow leads to undefined behavior. However,
-many programs and Autoconf tests assume that integer overflow silently
-wraps around modulo a power of 2 so long as you cast the resulting value
+many programs and Autoconf tests assume that signed integer overflow after
+addition, subtraction, or multiplication silently
+wraps around modulo a power of two, using two's complement arithmetic,
+so long as you cast the resulting value
to an integer type or store it into an integer variable. Such programs
-are portable to the vast majority of modern platforms. C99 has a way of
-specifying this portability (the LIA-1 option) but this is not
-universally supported yet. GCC users might consider using the
+are portable to the vast majority of modern platforms. However, signed
+integer division is not always harmless: for example, on CPUs of the
+i386 family, dividing @code{INT_MIN} by @code{-1} yields a SIGFPE signal
+which by default terminates the program.
+
+GCC users might consider using the
@option{-ftrapv} option if they are worried about porting their code to
-the rare platforms where overflow does not wrap around.
+the rare platforms where signed integer overflow does not wrap around
+after addition, subtraction, or multiplication.
-In contrast, unsigned integer overflow reliably wraps around modulo the
-word size.
+Unsigned integer overflow reliably wraps around modulo the word size.
+This is guaranteed by the C standard and is portable in practice.
@node Null Pointers
@section Properties of Null Pointers