[PATCH] 6788196: Array bounds checks in io_util.c rely on undefined behaviour

Dalibor Topic Dalibor.Topic at Sun.COM
Wed Dec 24 01:43:17 UTC 2008


David Holmes - Sun Microsystems wrote:
> >> In C, the result of an overflowing add of two signed integers is
> >> undefined.
>
> Strewth! That's a surprise to me. I always thought that C defined 
> integer arithmetic to always wrap. 
Only for unsigned operands (from 6.2.5 - Types):

"A computation involving unsigned operands can never overflow,
because a result that cannot be represented by the resulting
unsigned integer type is reduced modulo the number that is one
greater than the largest value that can be represented by the
resulting type."

see p. 496 in "The New C Standard: An Economic and Cultural 
Commentary" for more details than most people care about. ;)

cheers,
dalibor topic

-- 
*******************************************************************
Dalibor Topic                   Tel: (+49 40) 23 646 738
Java F/OSS Ambassador           AIM: robiladonaim
Sun Microsystems GmbH           Mobile: (+49 177) 2664 192
Nagelsweg 55                    http://openjdk.java.net
D-20097 Hamburg                 mailto:Dalibor.Topic at sun.com
Sitz der Gesellschaft: Sonnenallee 1, D-85551 Kirchheim-Heimstetten
Amtsgericht München: HRB 161028
Geschäftsführer: Thomas Schröder, Wolfgang Engels, Dr. Roland Bömer
Vorsitzender des Aufsichtsrates: Martin Häring
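As an added illustration of the point made in the thread, not code from the patch or from io_util.c: the shape of a bounds check that depends on signed overflow, next to two rewrites that stay inside defined behaviour. Function names and the `(off, len, n)` arguments are assumptions made for this example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Shape the thread warns about: "off + len <= n" with signed int operands.
 * When off + len exceeds INT_MAX the addition is undefined behaviour, so a
 * compiler may assume it never happens and drop or miscompile the check.
 * Kept only for comparison; never called with overflowing arguments. */
static bool bounds_ok_signed_overflow(int off, int len, int n)
{
    if (off < 0 || len < 0)
        return false;
    return off + len <= n;   /* UB when off + len > INT_MAX */
}

/* Fix 1: rearrange so no operation can overflow.  Once off and len are
 * known non-negative and off <= n, the subtraction n - off cannot wrap. */
static bool bounds_ok_subtract(int off, int len, int n)
{
    if (off < 0 || len < 0 || n < 0)
        return false;
    if (off > n)
        return false;
    return len <= n - off;
}

/* Fix 2: add in unsigned arithmetic, which C defines to wrap modulo 2^N
 * (the 6.2.5 text quoted above).  Negatives must still be rejected first:
 * (unsigned)-1 plus a small len would wrap back to a small value.  Two
 * non-negative ints sum to at most 2*INT_MAX, which fits in unsigned int,
 * so the sum here is exact and the comparison is reliable. */
static bool bounds_ok_unsigned(int off, int len, int n)
{
    if (off < 0 || len < 0 || n < 0)
        return false;
    return (unsigned)off + (unsigned)len <= (unsigned)n;
}

int main(void)
{
    /* Constructed inputs: the last one overflows int in the naive form. */
    printf("subtract: %d %d\n", bounds_ok_subtract(0, 10, 10),
           bounds_ok_subtract(INT_MAX, 1, 10));
    printf("unsigned: %d %d\n", bounds_ok_unsigned(0, 10, 10),
           bounds_ok_unsigned(INT_MAX, 1, 10));
    return 0;
}
```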
