View Issue Details

IDProjectCategoryView StatusLast Update
0000642LDMud 3.5Implementationpublic2009-05-26 08:01
Reporterzesstra Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
Status newResolutionopen 
Summary0000642: Check code which assumes a defined overflow behaviour of signed integers
DescriptionThe overflow of signed integers is undefined behaviour according to the C standard. While usually a wrap to -INT_MAX occurs and it is a fairly common assumption among C programmers (and often used), modern gcc (and maybe other compilers) may generate code with the assumption, that such a wrap-around does not happen. Unfortunately we have some (yet mostly unidentified) pieces of code which assumes the wrapping behaviour. This will silently behave different than intended and may cause who-knows-what problems.

We have enabled -fwrapv with gcc in 0000635. However, this doesn't help for other compilers and it impairs gcc's ability to optimize. Therefore we should check our code for assumptions of a defined wrap-around behaviour of signed integers. After that we can remove -fwrapv again.

The option -Wstrict-overflow=x of gcc may help us to identify such code pieces.

I guess we should discuss here as well, how to deal with such code and reliably add (signed) integers. There are suggestions which involve a massacre of #defines (see below) but are ugly as hell...
Additional Informationhttp://www.fefe.de/intof.html
http://www.gnu.org/software/hello/manual/autoconf/Signed-Overflow-Advice.html#Signed-Overflow-Advice
TagsNo tags attached.

Relationships

related to 0000635 resolvedzesstra LDMud 3.3 Use -fwrapv by default if available and the compiler is gcc 

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2009-05-26 08:01 zesstra New Issue
2009-05-26 08:01 zesstra Relationship added related to 0000635