Hi folks, I've made my "deepest" change yet to the formatter, altering code that hasn't changed since James Clark wrote it circa 1989. However, I think it unlikely that any user will notice any difference.
Traditionally, *roff arithmetic is a thin wrapper around C arithmetic, using signed integers. Signed integer overflow is undefined behavior in standard C. Historically, C users have assumed that overflowing signed integers would wrap around from the maximal to minimal value (changing sign) and vice versa. But there's never been a guarantee.

And *roff users, when thinking about it at all, have likely made similar assumptions...most of the time. In GNU troff under limited circumstances, arithmetic won't wrap. (I leave identification of these as an exercise for the reader. The answer key is in the groff ChangeLog and Git commit messages.)

If you enabled the `-ftrapv` compiler option, signed integer overflow would cause the formatter to SEGV. This was <https://savannah.gnu.org/bugs/?64301>.

I have therefore migrated GNU troff arithmetic to use <stdckdint.h> checked arithmetic. This is part of C23, but also implemented by gnulib, so we have it no matter what the platform.

This change lays a foundation for migration of GNU troff arithmetic from wrapping behavior, which is not useful in a typesetting application, to saturating arithmetic, which suits such a purpose better.

https://savannah.gnu.org/bugs/?66001

In fact I have 3 applications of saturating arithmetic already in mind.

https://savannah.gnu.org/bugs/?63587
https://savannah.gnu.org/bugs/?63837
https://savannah.gnu.org/bugs/?65190

Needless to say(?), all of our tests continue to pass, and I added one for several extremal arithmetic operations in the bargain (and a couple of mundane but tricky ones I stumbled over while working on this). I also sliced the commits very finely to aid future Git bisection in the event I messed up some corner case.

(I wanted to cite a classic CS paper here about integer arithmetic setting forth the alternatives of trapping, wrapping, and saturating, but while I've read it, I can't find it now. :-/ )

Regards,
Branden
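The checked-arithmetic primitives named in the message above, shown as an added example that is not groff's code and not the author's: `ckd_add`, `ckd_sub` and `ckd_mul` report overflow instead of invoking undefined behavior, and saturation can be layered on top of them. The `sat_*` helper names and the compiler-builtin fallback are assumptions of this example.

```c
#include <limits.h>
#include <stdio.h>
/* Use C23 <stdckdint.h> when the toolchain ships it; otherwise map the
   ckd_* names onto the GCC/Clang builtins (this fallback is an assumption
   of the example; groff gets the header from gnulib instead). */
#if defined(__has_include)
# if __has_include(<stdckdint.h>)
#  include <stdckdint.h>
# endif
#endif
#ifndef ckd_add
# define ckd_add(r, a, b) __builtin_add_overflow((a), (b), (r))
# define ckd_sub(r, a, b) __builtin_sub_overflow((a), (b), (r))
# define ckd_mul(r, a, b) __builtin_mul_overflow((a), (b), (r))
#endif

/* Hypothetical helpers: clamp to INT_MAX/INT_MIN instead of wrapping. */
int sat_add(int a, int b)
{
    int r;
    if (ckd_add(&r, a, b))            /* true means the sum did not fit */
        return b > 0 ? INT_MAX : INT_MIN;
    return r;
}

int sat_sub(int a, int b)
{
    int r;
    if (ckd_sub(&r, a, b))            /* subtracting a negative overflows up */
        return b < 0 ? INT_MAX : INT_MIN;
    return r;
}

int sat_mul(int a, int b)
{
    int r;
    if (ckd_mul(&r, a, b))            /* overflow implies both are nonzero */
        return (a < 0) == (b < 0) ? INT_MAX : INT_MIN;
    return r;
}

int main(void)
{
    int wrapped;                      /* receives the wrapped-around value */
    int overflowed = ckd_add(&wrapped, INT_MAX, 1);
    printf("checked: overflow=%d; saturated: %d %d %d\n", overflowed,
           sat_add(INT_MAX, 1), sat_sub(INT_MIN, 1), sat_mul(INT_MIN, -1));
    return 0;
}
```

Because no signed overflow is ever evaluated, a build with `-ftrapv` has nothing to trap on in these helpers.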