Undefined-behavior overflows in GMP?

Torbjorn Granlund tg at gmplib.org
Tue Nov 20 10:26:31 CET 2012

Marc Glisse <marc.glisse at inria.fr> writes:

  On Tue, 20 Nov 2012, Roberto Bagnara wrote:
  > I have just finished reading "Understanding Integer Overflow in C/C++",
  > by Will Dietz, Peng Li, John Regehr, and Vikram Adve
  > (http://www.cs.utah.edu/~regehr/papers/overflow12.pdf).
  > On page 9, it says:
  >  Finally, we reported nine undefined overflows
  >  in the GNU Multiple Precision Arithmetic Library, one in
  >  BIND, and one in OpenSSL. We received no response from
  >  the developers of these three packages.
  > Talking about GMP alone, is this accurate and up to date?
  > Would it be possible to see the reports that were sent?
  on gmp-bugs:
  Date: Fri, 20 Aug 2010 21:34:40 -0600


I don't think these things are truly alarming.  The C standard defines
lots of thing wrt signed integer types as undefined.  We avoid most of
them, but not all.  This is not a practical problem.  The only related
thing we should really avoid is right-shift of signed types.

When I now look at mpz/cmp.c and cannot correlate any of the reported
problems with the code.


More information about the gmp-devel mailing list