View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000642 | LDMud 3.5 | Implementation | public | 2009-05-26 08:01 | 2009-05-26 08:01 |
Reporter | zesstra | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | N/A |
Status | new | Resolution | open | ||
Summary | 0000642: Check code which assumes a defined overflow behaviour of signed integers | ||||
Description | The overflow of signed integers is undefined behaviour according to the C standard. While usually a wrap to -INT_MAX occurs and it is a fairly common assumption among C programmers (and often used), modern gcc (and maybe other compilers) may generate code with the assumption that such a wrap-around does not happen. Unfortunately we have some (yet mostly unidentified) pieces of code which assume the wrapping behaviour. This will silently behave differently than intended and may cause who-knows-what problems. We have enabled -fwrapv with gcc in 0000635. However, this doesn't help for other compilers and it impairs gcc's ability to optimize. Therefore we should check our code for assumptions of a defined wrap-around behaviour of signed integers. After that we can remove -fwrapv again. The option -Wstrict-overflow=x of gcc may help us to identify such code pieces. I guess we should discuss here as well how to deal with such code and reliably add (signed) integers. There are suggestions which involve a massacre of #defines (see below) but are ugly as hell... | ||||
Additional Information | http://www.fefe.de/intof.html http://www.gnu.org/software/hello/manual/autoconf/Signed-Overflow-Advice.html#Signed-Overflow-Advice | ||||
Tags | No tags attached. | ||||
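
Added example, not part of the original report and not LDMud code: one way to add, subtract and multiply signed integers without ever evaluating an overflowing expression, so the result does not depend on -fwrapv or on any particular compiler. The helper names and the choice of `long` as the integer type are assumptions made for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Idiom that relies on wrap-around (undefined behaviour, shown only here):
 *     if (a + b < a) overflow();    // for b > 0; the compiler may drop this test
 * The helpers below compare the operands against the type limits *before*
 * doing the arithmetic, so no signed overflow is ever evaluated. */

/* Store a + b in *res and return true, or return false if it would overflow. */
static bool checked_add(long a, long b, long *res)
{
    if ((b > 0 && a > LONG_MAX - b) || (b < 0 && a < LONG_MIN - b))
        return false;
    *res = a + b;
    return true;
}

/* Store a - b in *res and return true, or return false if it would overflow. */
static bool checked_sub(long a, long b, long *res)
{
    if ((b > 0 && a < LONG_MIN + b) || (b < 0 && a > LONG_MAX + b))
        return false;
    *res = a - b;
    return true;
}

/* Store a * b in *res and return true, or return false if it would overflow.
 * The divisions never compute LONG_MIN / -1 and never divide by zero. */
static bool checked_mul(long a, long b, long *res)
{
    if (a == 0 || b == 0) { *res = 0; return true; }
    if (a > 0) {
        if (b > 0) { if (a > LONG_MAX / b) return false; }
        else       { if (b < LONG_MIN / a) return false; }
    } else {
        if (b > 0) { if (a < LONG_MIN / b) return false; }
        else       { if (b < LONG_MAX / a) return false; }
    }
    *res = a * b;
    return true;
}

int main(void)
{
    long r;
    printf("LONG_MAX + 1 representable: %d\n", checked_add(LONG_MAX, 1, &r));
    printf("LONG_MIN * -1 representable: %d\n", checked_mul(LONG_MIN, -1, &r));
    return 0;
}
```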