On Sun, 2004-06-13 at 04:52, Florian Weimer wrote:
> * Greg Hudson:
>
> > I think we're already fairly sunk on platforms where signed overflow is
> > signalled, so we're not worried about that.
>
> Uh-oh, you know that signed integer overflow is undefined in GCC land?
> 8->
Specifics? We don't necessarily need the value to be defined; we just
need it not to be signalled (as is allowed by the ANSI C standard, but
doesn't seem to be common in practice). We have code that reads in
signed ASCII decimal values, and it's hard to ensure that no integer
overflow occurs because our portability library doesn't define foo_MAX
values for the various symbolic integral types.
We don't expect overflow to happen under normal circumstances, but we
oughtn't dump core on any input (particularly input received over the
net). But it's acceptable to behave as if some other value was
specified in the input; or, in one case, we can detect the signed
overflow after the fact by checking if newval / 10 == oldval.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sun Jun 13 16:42:43 2004
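As an added illustration of the alternative Greg alludes to (this is example code written for this page, not anything from the Subversion tree), the parser below rejects overflow before the multiply/add that would cause it, so the undefined signed arithmetic never executes; it assumes the standard `<limits.h>` bounds are available. The after-the-fact `newval / 10 == oldval` test only works if the overflow already wrapped silently, which the C standard does not promise.

```c
#include <limits.h>
#include <stdio.h>

/* Status codes for the parser (constructed for this example). */
enum parse_status { PARSE_OK = 0, PARSE_BAD_INPUT = 1, PARSE_OVERFLOW = 2 };

/* Parse an optional sign followed by ASCII decimal digits into *out.
 * The whole string must be consumed. Overflow is detected *before*
 * the operation that would overflow, so no signed-overflow UB occurs.
 * Accumulation is done in the non-positive domain because INT_MIN has
 * a larger magnitude than INT_MAX; one loop then serves both signs. */
enum parse_status parse_int_checked(const char *s, int *out)
{
    const char *p = s;
    int negative = 0;
    int acc = 0;             /* always <= 0 during accumulation */

    if (*p == '-') { negative = 1; p++; }
    else if (*p == '+') { p++; }

    if (*p < '0' || *p > '9')
        return PARSE_BAD_INPUT;          /* no digits at all */

    /* Lowest value we may legally reach in acc. */
    int limit = negative ? INT_MIN : -INT_MAX;
    int lim_q = limit / 10;              /* C99: truncates toward zero */
    int lim_r = limit % 10;              /* non-positive remainder */

    for (; *p >= '0' && *p <= '9'; p++) {
        int digit = *p - '0';
        /* Would acc * 10 - digit fall below limit? Decide without computing it. */
        if (acc < lim_q || (acc == lim_q && -digit < lim_r))
            return PARSE_OVERFLOW;
        acc = acc * 10 - digit;
    }
    if (*p != '\0')
        return PARSE_BAD_INPUT;          /* trailing non-digit characters */

    *out = negative ? acc : -acc;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed inputs: the largest int, one past it, and a bare sign. */
    const char *samples[] = { "2147483647", "2147483648", "-2147483648", "-" };
    for (int i = 0; i < 4; i++) {
        int v = 0;
        enum parse_status st = parse_int_checked(samples[i], &v);
        printf("%-12s -> status %d value %d\n", samples[i], st, v);
    }
    return 0;
}
```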