On Sun, 2017-04-02 at 22:43 +0200, Ola Lundqvist wrote:
> Hi Hugo
>
> I have looked at the correction in combination with the new and old
> source code.
>
> The short summary is that this could very well be optimized away by
> the optimizer, at least if it is a buggy optimizer.
[...]
> So if you ask me, the introduction of a x>=0 check could be seen as
> superfluous and maybe an optimizer can actually optimize that away as x
> should not be negative with this code. However it has a meaning, but
> it is very subtle.
[...]

This seems to be a correct optimisation. Overflow/underflow on signed
arithmetic has undefined behaviour, therefore standard C code will not
allow it to happen and the compiler may rely on that. If the code does
actually cause an overflow, literally anything can result. Thankfully
gcc does have an option to support code that relies on two's-complement
wrapping behaviour on signed arithmetic, which is -fwrapv. See also the
-fno-strict-overflow option.

Ben.

--
Ben Hutchings
Humans are not rational beings; they are rationalising beings.
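An added example, not part of the original message and not the code under review: it contrasts a sign check placed after a signed addition, which the compiler may drop for the reason given above, with a check on the operands before the addition. The function names and sample values are hypothetical.

```c
/* Added illustration; function names and sample values are hypothetical. */
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Fragile pattern: add first, then test the sign of the result.
 * Once both inputs are known to be non-negative, the compiler may assume
 * the signed addition never overflows, conclude that x >= 0 always holds,
 * and remove the test, unless the code is built with -fwrapv. */
bool add_then_check(int a, int b, int *out)
{
    if (a < 0 || b < 0)
        return false;
    int x = a + b;          /* undefined behaviour if a + b > INT_MAX */
    if (x >= 0) {           /* may be optimised away */
        *out = x;
        return true;
    }
    return false;
}

/* Portable pattern: test the operands before the arithmetic, so no
 * overflow ever occurs and there is nothing for the optimiser to assume. */
bool check_then_add(int a, int b, int *out)
{
    if (a < 0 || b < 0 || a > INT_MAX - b)
        return false;       /* would overflow, or input out of range */
    *out = a + b;
    return true;
}

int main(void)
{
    int r = 0;
    printf("in range: %d\n", check_then_add(1000, 2000, &r));
    printf("overflow: %d\n", check_then_add(INT_MAX, 1, &r));
    return 0;
}
```

Building with -fwrapv, as mentioned in the message, makes the first form wrap to a negative value and fail the check; the second form needs no special flag.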