Tom Tromey <[EMAIL PROTECTED]> writes:

> >>>>> "Ian" == Ian Lance Taylor <[EMAIL PROTECTED]> writes:
>
> Ian> This is a bug in C++ code in libjava.
>
> Thanks.  We enabled -fwrapv for the interpreter but, I think, thought
> that perhaps the other C++ code was safe.
>
> Would the new warning have caught this?

Yes.  With -Wstrict-overflow:

    ../../../trunk/libjava/java/lang/natString.cc: In function ‘jint _Jv_FormatInt(jchar*, jint)’:
    ../../../trunk/libjava/java/lang/natString.cc:375: warning: assuming signed overflow does not occur when simplifying conditional to constant

It also warns about this sort of code which occurs a few times in that
file:

    if (offset < 0 || count < 0 || offset + count < 0
        || offset + count > data_size)

Since if offset < 0 and count < 0, then VRP can assume that
offset + count < 0 is always true.  If you want the code to correctly
check for signed overflow of offset + count, you will need to instead
write something along the lines of INT_MAX - offset <= count.

Ian
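
Added example, not part of the original message and not code from libjava: the bounds check quoted above next to an overflow-safe variant of the INT_MAX - offset comparison. The function names and the sample inputs are constructed for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Pattern from the message: relies on offset + count wrapping negative.
 * Signed overflow is undefined in C and C++, so once offset >= 0 and
 * count >= 0 are known, the optimizer may remove "offset + count < 0". */
static bool range_bad_wrapping(int offset, int count, int data_size)
{
    return offset < 0 || count < 0 || offset + count < 0
           || offset + count > data_size;
}

/* Overflow-safe form: compare against INT_MAX - offset before adding.
 * INT_MAX - offset cannot overflow because offset >= 0 at that point. */
static bool range_bad_checked(int offset, int count, int data_size)
{
    if (offset < 0 || count < 0)
        return true;
    if (count > INT_MAX - offset)   /* offset + count would overflow */
        return true;
    return offset + count > data_size;
}

int main(void)
{
    /* Constructed inputs: {offset, count, data_size}. */
    const int cases[][3] = {
        {10, 20, 30},            /* exactly fits          */
        {10, 21, 30},            /* one past the end      */
        {-1, 5, 30},             /* negative offset       */
        {INT_MAX, 1, 100},       /* sum overflows int     */
        {1, INT_MAX, 100},       /* sum overflows int     */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int o = cases[i][0], c = cases[i][1], n = cases[i][2];
        /* Only the checked form is called here: the wrapping form
         * would execute undefined behaviour on the last two rows. */
        printf("offset=%d count=%d size=%d -> %s\n", o, c, n,
               range_bad_checked(o, c, n) ? "rejected" : "accepted");
    }
    /* For sums that do not overflow, both forms agree. */
    printf("agree: %d\n",
           range_bad_wrapping(10, 21, 30) == range_bad_checked(10, 21, 30));
    return 0;
}
```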