Help stabilising mini-gmp

Niels Möller nisse at lysator.liu.se
Sun Nov 20 17:54:01 UTC 2016


Marc Glisse <marc.glisse at inria.fr> writes:

> After inlining, there are subtractions. check_si is called at least
> once with oi = si + c (c is ±1). gcc simplifies the test si > si - 1
> to true, and warns that this optimization may break your program if
> you rely on wrapping.

I suspect this test program relies on it. With c == 1, si takes the
values 2, 4, 8, ..., (1<<62), (-1<<63), and I guess the check gcc warns
about is intended to detect overflow and act as a stop condition.

And my adding of debug printf might have pushed the size of the function
over some threshold so that it's no longer inlined, comparison not
optimized away, and then the test succeeded.

> The usefulness of such a warning is debatable, and we tend to drop
> some of them from gcc when we think nobody will notice.

Not sure. There are two dangers: Programs relying on undefined behavior,
and optimization based on the assumption that there will never be any
undefined behaviour.

Anyway, I can now repro locally by running

  make check CFLAGS="-O -Wall -g -fsanitize=undefined -fno-sanitize-recover"

in the mini-gmp/tests source directory. This fails with

  t-signed.c:93:8: runtime error: signed integer overflow: -1 + -9223372036854775808 cannot be represented in type 'long int'
  FAIL: t-signed

It would make sense to test both gmp and mini-gmp with
-fsanitize=undefined.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
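An added illustration, not code from the thread or from mini-gmp's t-signed.c: the overflow-as-stop-condition pattern described above, rewritten so the check happens before the add instead of relying on wrapping. checked_add and walk_doublings are hypothetical names; the loop only mirrors the 2, 4, 8, ... sequence mentioned in the mail and assumes nothing else about the real test.

```c
#include <limits.h>
#include <stdbool.h>

/* Portable overflow-checked signed add: returns false instead of
 * invoking undefined behaviour when a + b does not fit in a long.
 * gcc and clang also offer __builtin_add_overflow for the same purpose. */
bool checked_add(long a, long b, long *r)
{
    if (b > 0 && a > LONG_MAX - b)
        return false;
    if (b < 0 && a < LONG_MIN - b)
        return false;
    *r = a + b;
    return true;
}

/* The pattern the post describes, written without relying on wrapping.
 * Testing `oi > si` after `oi = si + 1` is exactly what gcc may fold to
 * true, so the stop condition is evaluated before the add instead.
 * Walks si = 2, 4, 8, ... doubling while the result is still
 * representable, computing oi = si + c (c is +1 or -1) at each step.
 * Returns the number of si values visited; *stopped_on_add is set if the
 * checked add ever refused (with |c| == 1 that never happens here). */
int walk_doublings(long c, bool *stopped_on_add)
{
    int count = 0;
    long si = 2, oi;
    *stopped_on_add = false;
    for (;;) {
        if (!checked_add(si, c, &oi)) {
            *stopped_on_add = true;  /* si + c would overflow: stop cleanly */
            break;
        }
        count++;
        if (si > LONG_MAX / 2)       /* doubling would overflow: stop cleanly */
            break;
        si *= 2;
    }
    return count;
}
```

Built with -fsanitize=undefined, this loop stays silent where the wrapping version trips the "signed integer overflow" report quoted above.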

