Re: [RFC] Fix div/mul crash and more undefined behavior
От | Xi Wang |
---|---|
Тема | Re: [RFC] Fix div/mul crash and more undefined behavior |
Дата | |
Msg-id | 50A9881D.3070806@gmail.com обсуждение исходный текст |
Ответ на | Re: [RFC] Fix div/mul crash and more undefined behavior (Tom Lane <tgl@sss.pgh.pa.us>) |
Ответы |
Re: [RFC] Fix div/mul crash and more undefined behavior
|
Список | pgsql-hackers |
On 11/18/12 6:47 PM, Tom Lane wrote: > Xi Wang <xi.wang@gmail.com> writes: >> [ patch adding a bunch of explicit INT_MIN/MAX constants ] > > I was against this style of coding before, and I still am. > For one thing, it's just about certain to introduce conflicts > against system headers. I totally agree. I would be happy to rewrite the integer overflow checks without using these explicit constants, but it seems extremely tricky to do so. One possible check without using INTn_MIN is: if (arg1 < 0 && -arg1 < 0 && arg2 == -1) { ... } Compared to (arg1 == INTn_MIN && arg2 == -1), the above check is not only more confusing and difficult to understand, but it also invokes undefined behavior (-INT_MIN overflow), which is dangerous: many C compilers will optimize away the check. I've tried gcc, clang, PathScale, and AMD's Open64, all of which perform such optimizations. Since INTn_MIN and INTn_MAX are standard macros from the C library, can we assume that every C compiler should provide them in stdint.h? At least this is true for gcc, clang, and Visual C++. Then we don't have to define them and worry about possible conflicts (though I think using #ifndef...#endif should be able to avoid conflicts). - xi
В списке pgsql-hackers по дате отправления: