
Re: Autoconf manual's coverage of signed integer overflow & portability

From: Paul Eggert
Subject: Re: Autoconf manual's coverage of signed integer overflow & portability
Date: Tue, 02 Jan 2007 23:05:54 -0800
User-agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux)

address@hidden (Richard Kenner) writes:

>> >> Many portable C programs assume that signed integer overflow wraps around
>> >> reliably using two's complement arithmetic.
>> >
>> I was looking for an adjective that means the programs work on a wide
>> variety of platforms, and "portable" seems more appropriate than
>> "widely-used".
> Maybe just say what you mean, then:  "Many C programs that work on a wide
> variety of platforms assume that ..."

That's too long!  I'll prepend an "In practice" instead.

> I'd suggest making it clearer that any such compiler that did that is
> nonconforming.

OK, I'll throw in a "nonstandard".

> I have to say that the idea of having a program in which
> off_t values overflow is scary

It's easy to arrange with (for example) GNU dd, which lets you specify
both the start offset and the count, and the user can make the start
as large as they like.  On an older platform with 32-bit off_t I
encountered off_t overflow myself, in a practical application.

Reliable system programs typically have to deal with signed overflows
in basic system types; it's just part of life.  It's not that scary
once you get used to it.

> As to the method, however, I disagree with suggesting it because the
> difference between compiler-generated temporaries and user temporaries is
> getting smaller and smaller. I don't think it's worked for 'double' in years.

OK, I'll suggest using unsigned instead.

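The off_t overflow described in the message above (a user-supplied start offset plus a count, as with GNU dd on a platform with 32-bit off_t) can be rejected without ever executing an overflowing signed addition. This is an added example, not code from the message, from Autoconf, or from GNU dd; `off32_t`, `OFF32_MAX` and both function names are hypothetical, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for off_t on a platform where it is 32 bits wide. */
typedef int32_t off32_t;
#define OFF32_MAX INT32_MAX

/* Signed check: compare against the limit before adding, so the
   addition itself can never overflow. */
static bool end_offset_signed(off32_t start, off32_t count, off32_t *end)
{
    if (start < 0 || count < 0 || count > OFF32_MAX - start)
        return false;
    *end = start + count;
    return true;
}

/* Unsigned check: the sum of two non-negative 31-bit values always fits
   in uint32_t, so it can be computed first and range-checked afterwards. */
static bool end_offset_unsigned(off32_t start, off32_t count, off32_t *end)
{
    if (start < 0 || count < 0)
        return false;
    uint32_t sum = (uint32_t) start + (uint32_t) count;
    if (sum > (uint32_t) OFF32_MAX)
        return false;
    *end = (off32_t) sum;
    return true;
}

int main(void)
{
    /* Constructed inputs: {start, count} pairs a user might pass. */
    const off32_t cases[][2] = {
        {1000000000, 1000000000},  /* fits */
        {2000000000,  200000000},  /* exceeds OFF32_MAX */
        {OFF32_MAX,           1},  /* exceeds by one */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        off32_t a = 0, b = 0;
        bool ok_s = end_offset_signed(cases[i][0], cases[i][1], &a);
        bool ok_u = end_offset_unsigned(cases[i][0], cases[i][1], &b);
        printf("start=%ld count=%ld signed=%s unsigned=%s\n",
               (long) cases[i][0], (long) cases[i][1],
               ok_s ? "ok" : "overflow", ok_u ? "ok" : "overflow");
    }
    return 0;
}
```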