On 06/28/2013 11:11 AM, Andrew Haley wrote:
On 06/28/2013 08:53 AM, Shiva Chen wrote:
I have a case which will generate abs instructions.
int main(int argc)
{
if (argc < 0)
argc = -(unsigned int)argc;
return argc;
}
To my understanding, given that argc=0x80000000 in 32bit int plaform,
the result of (unsigned int)argc is well defined and should be 0x80000000u.
(C99 6.3.1.3 point 2)
And then the result of -0x80000000u should be 0x80000000 because
unsigned operation can never overflow and the value can be
represented by signed integer.
(C99 6.2.5 point 9)
Yes, but you can't then assign that to an int, because it will overflow.
0x80000000 will not fit in an int: it's undefined behaviour.
GCC has an extension which makes this implementation-defined, preserving
the bit pattern in the signed type:
"For conversion to a type of width N, the value is reduced modulo 2^N to
be within range of the type; no signal is raised."
<http://gcc.gnu.org/onlinedocs/gcc/Integers-implementation.html#Integers-implementation>
--
Florian Weimer / Red Hat Product Security Team
