2013/11/25 Guy Harris <guy@xxxxxxxxxxxx>:
>
> On Nov 24, 2013, at 5:37 PM, Bálint Réczey <balint@xxxxxxxxxxxxxxx> wrote:
>
>> I tried to trigger a crash using GCC and -ftrapv without success while
>> the clang-compiled binary crashed as expected:
>
> Reproduced with clang on (x86-64) OS X.
>
> The problem is in
>
> PRIVATE int strhash(const char *x)
> {
> int h = 0;
> while( *x) h = h*13 + *(x++);
> return h;
> }
>
> In practice, the result of the hash function is taken modulo the hash table size, and that's always done with &, so, in practice, it's safe if it overflows.
>
> Perhaps it should do the calculation with unsigned integers and return an unsigned integer, however.
Yes, signed int overflow yields undefined behaviour, but the result of
unsigned overflow is defined thus the code above is invalid C.
At least we (you) found a real problem by temporarily enabling the
broken -ftrapv. :-)
Cheers,
Balint
