#650 closed Bugs (Fixed)
Invalid code used for add w/ overflow checking
| Reported by: | nobody | Owned by: | jmaurer |
|---|---|---|---|
| Milestone: | Component: | random | |
| Version: | None | Severity: | Showstopper |
| Keywords: | Cc: |
Description
Discovered while working on our (Microsoft) C++
compiler:
This is an e-mail thread about the bug we ran into.
The current Microsoft VC++ compiler does not causes
this to return incorrect values, but there is no
guarantee that this will be the case in the future as
we produce better optimizations.
If you need to contact me about this, my e-mail is
alex.thaman@microsoft.com.
> FYI - this bug exists in at least versions of boost
>= 1.27.0
> (including the current one). Please see below for
details. It's a
> little unclear to us what the purpose of this
function is, but it
> appears to be doing a signed add and handling
overflow conditions, but
> it's doing to overflow detection incorrectly.
>
> Thanks,
> -Alex Thaman (Microsoft)
>
> _____________________________________________
> From: Russell Hadley
> Sent: Friday, June 09, 2006 3:00 PM
> To: Alex Thaman; Arjun Bijanki; Andy Rich
> Subject: RE: boost bug
>
> Just a slight spin on this: For the current boost
sources we aren't
> making a transformation in the compiler which
exposes the reliance on
> signed arithmetic overflow/underflow - this was
exposed in an older
> version - but potentially we could. It is a much
safer practice to
> test the ranges of the inputs to an arithmetic
expression if there is
> a danger of overflow rather than the output. The
compiler can
> potentially reorder any signed integer arithmetic
(algebraically) with
> out respect for signed overflow/underflow so
outputs have undefined
> semantics for that case. (off the cuff ex: cast
the inputs to
> unsigned and check their ranges.)
>
> Thanks.
>
> -R
>
> _____________________________________________
> From: Alex Thaman
> Sent: Friday, June 09, 2006 1:53 PM
> To: Arjun Bijanki
> Cc: Russell Hadley
> Subject: boost bug
>
> We ran into a bug in boost. In
> conformance\3rdPartyLibs\boost_1_2*_0
\boost\random\detail\const_mod.hp
> p, there is a function called add_signed (do_add in
version > 1.27.0).
> It has the following code:
>
> template<>
> struct do_add<true>
> {
> template<class IntType>
> static IntType add(IntType m, IntType x,
IntType c)
> {
> x += (c-m);
> if(x < 0)
> x += m;
> return x;
> }
> };
>
> The problem is that it is relying on an overflow in
their logic to
> calculate the correct value. This is undefined in
most cases, and the
> optimizer does some logic here by calculating
intermediate values and
> using them and avoiding the overflow that this test
is expecting. It
> is pretty clear that they depend on overflow
behavior if you just do a
> quick refactor of this code:
>
> If (x + (c - m) < 0) return x + c
> Else return x + c - m
>
> Thanks,
> -Alex
Change History (4)
comment:1 by , 16 years ago
comment:2 by , 16 years ago
| Status: | assigned → closed |
|---|
comment:3 by , 13 years ago
| Severity: | → Showstopper |
|---|
Is it NOUVELLE CUISINE when 3 olives are struggling with a scallop in a plate of SAUCE MORNAY? comprare viagra dall'Italia fioricet uses buy Cialis medication Tq1iKUm cheap tramadol
comment:4 by , 13 years ago
Apples have meant trouble since eden.
-- MaDsen Wikholm, mwikholm@…
viagra ordina adesso in italia buy fioricet pills cialis buy viagra ordina propecia TQVo/7c
Note:
See TracTickets
for help on using tickets.
Logged In: YES user_id=53943 Thanks for the report, sorry for the delay. I've checked in this patch which should fix the issue. --- const_mod.hpp 27 Jul 2004 03:43:32 -0000 1.8 +++ const_mod.hpp 29 Jun 2006 23:15:39 -0000 @@ -43,10 +43,10 @@ template<class IntType> static IntType add(IntType m, IntType x, IntType c) { - x += (c-m); - if(x < 0) - x += m; - return x; + if (x < m - c) + return x + c; + else + return x - (m-c); } };