
Re: Having fun with the following C code (UB)



On 2014-04-12 20:32:33 -0700, Russ Allbery wrote:
> I enabled -fstrict-overflow -Wstrict-overflow=5 -Werror in my standard
[...]

GCC does silly things with -Wstrict-overflow=5.

For instance, consider the following code:

int foo (int d)
{
  int m;
  m = d * 64;
  return m;
}

With "gcc -O2 -fstrict-overflow -Wstrict-overflow=5", everything
is fine. But if the return value is replaced by "m >= 0", giving the
following code:

int foo (int d)
{
  int m;
  m = d * 64;
  return m >= 0;
}

I get:

tst.c: In function ‘foo’:
tst.c:5:12: warning: assuming signed overflow does not occur when eliminating multiplication in comparison with zero [-Wstrict-overflow]
   return m >= 0;
            ^

while the cause of a potential bug would be the same. For consistency,
GCC should have warned for the first code too.

This affects the compilation of the MPFR trunk, which has similar
code... except that MPFR also has an overflow check, which isn't
used by GCC, like that:

#include <limits.h>

#define C 64

int foo (int d)
{
  int m;
  if (d <= 0 || d > INT_MAX / C)
    return 0;
  m = d * C;
  return m >= 0;
}

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
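
Added example, not part of the message above and not MPFR code: the range-check-before-multiply pattern from the last snippet, extended to negative d and cross-checked against the GCC/Clang builtin __builtin_mul_overflow. The function names scale_checked, scale_builtin and variants_agree are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

#define C 64  /* same constant as in the message */

/* Range check first, multiply second: the product is only formed once it
   is known to fit, so no signed overflow (undefined behaviour) can occur.
   Extends the message's "d > INT_MAX / C" test to negative d. */
static bool scale_checked(int d, int *out)
{
  if (d > INT_MAX / C || d < INT_MIN / C)
    return false;
  *out = d * C;
  return true;
}

/* Same contract using the GCC/Clang builtin, which reports overflow
   instead of invoking undefined behaviour. */
static bool scale_builtin(int d, int *out)
{
  return !__builtin_mul_overflow(d, C, out);
}

/* Returns 1 if both variants agree on every boundary input below
   (inputs constructed for this example). */
static int variants_agree(void)
{
  const int samples[] = { 0, 1, -1, INT_MAX / C, INT_MAX / C + 1,
                          INT_MIN / C, INT_MIN / C - 1, INT_MAX, INT_MIN };
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
    int a = 0, b = 0;
    bool oka = scale_checked(samples[i], &a);
    bool okb = scale_builtin(samples[i], &b);
    /* The results must match; the values only matter when both succeed. */
    if (oka != okb || (oka && a != b))
      return 0;
  }
  return 1;
}

int main(void)
{
  printf("variants agree: %d\n", variants_agree());
  return 0;
}
```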

