[Webkit-unassigned] [Bug 160572] Undefined behavior ParkingLot.cpp on lockHashtable()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Aug 4 17:16:29 PDT 2016


Daniel Bates <dbates at webkit.org> changed:

           What    |Removed                     |Added
 Attachment #285373|review?                     |review-
              Flags|                            |

--- Comment #10 from Daniel Bates <dbates at webkit.org> ---
Comment on attachment 285373
  --> https://bugs.webkit.org/attachment.cgi?id=285373

View in context: https://bugs.webkit.org/attachment.cgi?id=285373&action=review

> Source/WTF/wtf/ParkingLot.cpp:-297
> -        for (unsigned i = currentHashtable->size; i--;) {

Can you explain how this is undefined behavior? Or can you post the compiler warning? By [basic.fundamental] (4) and footnote (46) of the C++ standard (*) "unsigned arithmetic does not overflow":

"Unsigned integers, declared unsigned, shall obey the laws of arithmetic modulo 2^n where n is the number of bits in the value representation of that particular size of integer. [46]"

And the footnote [46] reads "This implies that unsigned arithmetic does not overflow because a result that cannot be represented by the resulting unsigned integer type is reduced modulo the number that is one greater than the largest value that can be represented by the resulting unsigned integer type."

(*) <http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2012/n3337.pdf>

> Source/WTF/wtf/ParkingLot.cpp:297
> +        unsigned i = currentHashtable->size+1;

Nit: Missing a space on both sides of the '+'.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160805/c8bb38ff/attachment.html>

More information about the webkit-unassigned mailing list