bug-autoconf

Re: integer overflow documentation


From: Paul Eggert
Subject: Re: integer overflow documentation
Date: Tue, 02 May 2006 18:10:21 -0700
User-agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux)

Thanks for catching that.  I didn't know that about the x86!

I installed the following slightly-different patch, which rewords
some of the other stuff I put in earlier.

2006-05-02  Paul Eggert  <address@hidden>
        and Bruno Haible  <address@hidden>

        * doc/autoconf.texi (Integer Overflow):
        Mention the special case of integer division overflow.

--- autoconf.texi.~1.1011.~     2006-05-02 17:35:02.000000000 -0700
+++ autoconf.texi       2006-05-02 18:06:35.000000000 -0700
@@ -14267,17 +14267,23 @@ the programs work well enough in practic
 @cindex overflow, arithmetic
 
 In C, signed integer overflow leads to undefined behavior.  However,
-many programs and Autoconf tests assume that integer overflow silently
-wraps around modulo a power of 2 so long as you cast the resulting value
+many programs and Autoconf tests assume that signed integer overflow after
+addition, subtraction, or multiplication silently
+wraps around modulo a power of two, using two's complement arithmetic,
+so long as you cast the resulting value
 to an integer type or store it into an integer variable.  Such programs
-are portable to the vast majority of modern platforms.  C99 has a way of
-specifying this portability (the LIA-1 option) but this is not
-universally supported yet.  GCC users might consider using the
+are portable to the vast majority of modern platforms.  However, signed
+integer division is not always harmless: for example, on CPUs of the
+i386 family, dividing @code{INT_MIN} by @code{-1} yields a SIGFPE signal
+which by default terminates the program.
+
+GCC users might consider using the
 @option{-ftrapv} option if they are worried about porting their code to
-the rare platforms where overflow does not wrap around.
+the rare platforms where signed integer overflow does not wrap around
+after addition, subtraction, or multiplication.
 
-In contrast, unsigned integer overflow reliably wraps around modulo the
-word size.
+Unsigned integer overflow reliably wraps around modulo the word size.
+This is guaranteed by the C standard and is portable in practice.
 
 @node Null Pointers
 @section Properties of Null Pointers
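
Review bot: In the last added paragraph, "wraps around modulo the word size" now sits directly beside "This is guaranteed by the C standard", but the standard's guarantee is reduction modulo one more than the largest value the unsigned type can represent, which depends on the width of the type and not on the machine word. Suggest wording along the lines of "wraps around modulo 2^N, where N is the width of the unsigned type". In the added division sentence, only @code{INT_MIN} divided by @code{-1} is named; the remainder operation with the same operands goes through the same divide instruction on those CPUs and traps too, so it is worth mentioning next to the division case. As a style point, the first paragraph now has two sentences in a row opening with "However," ("However, many programs ..." and "However, signed integer division ..."); rewording the second would read better.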



