[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [csmith-bugs] Undefined behavior in safe_math: Bitwise operation produces negative zero

We should be clear about which standard we're using.  I'm looking at n1256.

My reading of agrees with Pascal's: two's complement has no negative zero.


On 06/27/2014 06:56 AM, Andreas Fried wrote:

this applies to the latest git revision of csmith, commit

We are using csmith together with kcc [1], which has found the following
undefined behavior in the safe math library:

In the functions safe_sub_func_int{8,16,32,64}_t_s_s, there are the
expressions ~INT{8,16,32,64}_MAX. Of these, ~INT32_MAX and ~INT64_MAX
are undefined according to the C standard, sect. (negative
zero produced through bitwise operations). The others are probably saved
by implicit conversion to int.

For two's complement integers, I'd propose to change this to
INT{8,16,32,64}_MIN, but I am not sure at all if this is the right thing
to do on other architectures.

Thank you in advance for looking into my problem,
Best regards,
Andreas Fried

[1] https://github.com/kframework/c-semantics