>>> The comment is wrong. The code checks for signed overflow, but the
>>> following assignment still overflwos when ux is larger than INT_MAX.
>>
>> No, it doesn't. This conversion is implementation-defined (6.3.1.3/3),
>> and GCC does the obvious two's complement thing. This code is fine.
>
> It's fine with GCC 4.4, and likely with GCC 4.5 as well. But what
> about GCC 4.6? And how will a user compiling third-party software
> notice the discrepancy (if it ever arises)?
Implementation-defined means the implementation defines
the behaviour, and GCC defines it like this:
* `The result of, or the signal raised by, converting an integer to a
signed integer type when the value cannot be represented in an
object of that type (C90 6.2.1.2, C99 6.3.1.3).'
For conversion to a type of width N, the value is reduced modulo
2^N to be within range of the type; no signal is raised.
If this is ever to change, I'm sure you will hear about it.
Paranoid users can check the manual at every compiler release.
Segher
