New submission from Alexey Izbyshev <izbys...@ispras.ru>:

gallop_left() and gallop_right() functions explicitly rely on overflowing 
behavior of Py_ssize_t 
(https://github.com/python/cpython/blob/6015cc50bc38b9e920ce4986ee10658eaa14f561/Objects/listobject.c#L1361):

    ofs = (ofs << 1) + 1;
    if (ofs <= 0)                   /* int overflow */
        ofs = maxofs;

Signed integer overflow is undefined in C, and the above is guaranteed to work 
only if compiler-specific workarounds are applied, such as GCC's -fwrapv (that 
is what CPython does). Without such workarounds the compiler would be free to 
remove the if statement.

----------
components: Interpreter Core
messages: 328688
nosy: berker.peksag, izbyshev, pitrou, serhiy.storchaka
priority: normal
severity: normal
status: open
title: Objects/listobject.c: gallop functions rely on signed integer overflow
type: behavior
versions: Python 2.7, Python 3.6, Python 3.7, Python 3.8

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue35091>
_______________________________________
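
The report above concerns an overflow check that runs after the arithmetic has already overflowed. The following is an added example, not CPython's code and not part of the original message, that performs the range check before doubling so no overflowing expression is evaluated and no -fwrapv is needed. It assumes ptrdiff_t as a stand-in for Py_ssize_t; gallop_next and gallop_bracket are hypothetical names, and the driver walks a virtual sequence a[i] = i instead of a real list.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ptrdiff_t stands in for Py_ssize_t here (assumption for this example). */
typedef ptrdiff_t ssize_ex;
#define SSIZE_EX_MAX PTRDIFF_MAX

/* Hypothetical helper: next galloping offset 2*ofs + 1, clamped to maxofs.
   The range check runs before the arithmetic, so no overflowing expression
   is ever evaluated and the compiler has no licence to drop the check.
   Requires ofs >= 0 and maxofs >= 0. */
static ssize_ex gallop_next(ssize_ex ofs, ssize_ex maxofs)
{
    if (ofs > (SSIZE_EX_MAX - 1) / 2)   /* 2*ofs + 1 would not fit */
        return maxofs;
    ofs = ofs * 2 + 1;
    return ofs > maxofs ? maxofs : ofs;
}

/* Hypothetical driver: gallop over the virtual sorted sequence a[i] = i
   (no array is allocated) until a[ofs] > key or ofs reaches maxofs.
   Returns ofs and stores the previous offset in *lastofs. */
static ssize_ex gallop_bracket(ssize_ex key, ssize_ex maxofs, ssize_ex *lastofs)
{
    ssize_ex ofs = 1;
    *lastofs = 0;
    while (ofs < maxofs && ofs <= key) {
        *lastofs = ofs;
        ofs = gallop_next(ofs, maxofs);
    }
    return ofs;
}

int main(void)
{
    /* Largest possible search range: exercises the offsets next to the limit. */
    ssize_ex last;
    ssize_ex ofs = gallop_bracket(SSIZE_EX_MAX - 1, SSIZE_EX_MAX, &last);
    printf("lastofs=%td ofs=%td\n", last, ofs);
    return 0;
}
```

Building this with -fsanitize=signed-integer-overflow (GCC or Clang) and without -fwrapv is a quick way to confirm that no overflow is reported at the boundary offsets.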