From ae9456c946c68fa07419cd4187b7060940f8ec25 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Fri, 4 Dec 2020 10:44:51 -0800 Subject: intprops: update doc and mention Unisys * doc/gnulib-readme.texi (Other portability assumptions): Also mention ptrdiff_t when talking about widths and overflow. * doc/intprops.texi (Integer Properties): Summarize new section. (Arithmetic Type Properties): Document that EXPR_SIGNED no longer evaluates its argument. (Integer Bounds): Fix typo. (Wraparound Arithmetic): Remove obsolete comment about efficiency. Document that the _WRAPV macros now support pointers to unsigned integers. (Integer Range Overflow): Update SEI CERT citation. (Integer Portability): New subsection, which mentions the oddball Unisys platforms as non-Gnulib targets. --- doc/gnulib-readme.texi | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'doc/gnulib-readme.texi') diff --git a/doc/gnulib-readme.texi b/doc/gnulib-readme.texi index beb0ca9b67..45b7484f4d 100644 --- a/doc/gnulib-readme.texi +++ b/doc/gnulib-readme.texi @@ -427,7 +427,8 @@ Comments beginning with @samp{//}. This is mostly for style reasons. @subsection Other portability assumptions made by Gnulib The GNU coding standards allow one departure from strict C: Gnulib -code can assume that standard internal types like @code{size_t} are no +code can assume that standard internal types like +@code{ptrdiff_t} and @code{size_t} are no wider than @code{long}. POSIX requires implementations to support at least one programming environment where this is true, and such environments are recommended for Gnulib-using applications. When it @@ -447,7 +448,7 @@ and the GNU coding standards both require this. @item Signed integer arithmetic is two's complement. -Previously, Gnulib code sometimes assumed that signed integer +Previously, Gnulib code sometimes also assumed that signed integer arithmetic wraps around, but modern compiler optimizations sometimes do not guarantee this, and Gnulib code with this assumption is now considered to be questionable. @@ -469,7 +470,8 @@ In particular: @itemize @item If two nonoverlapping objects have sizes @var{S} and @var{T} represented as -@code{size_t} values, then @code{@var{S} + @var{T}} cannot overflow. +@code{ptrdiff_t} or @code{size_t} values, then @code{@var{S} + @var{T}} +cannot overflow. @item A pointer @var{P} points within an object @var{O} if and only if -- cgit v1.2.1