Subject: Re: lib/35401
To: None <lib-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Christian Biere <christianbiere@gmx.de>
List: netbsd-bugs
Date: 01/11/2007 22:35:02
The following reply was made to PR lib/35401; it has been noted by GNATS.

From: Christian Biere <christianbiere@gmx.de>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/35401
Date: Thu, 11 Jan 2007 23:39:31 +0100

 Thorsten Glaser wrote:
 >  Christian Biere dixit:
   
 >  >For what it's worth, this has undefined behaviour even though it probably just works with the current GCC.
   
 >  Hm, "in theory" true, but "our" integers are 32 bits, and
 >  the new value is either larger or equal, or it isn't.
 
 Undefined behaviour doesn't work that way.
 
 >  +#define	ADDTORET(x) do {	\
 >  +	int oldret = ret;	\
 >  +	ret += (x);		\
 >  +	if (oldret > ret) {	\
 >  +		ret = EOF;	\
 >  +		goto error;	\
 >  +	}			\
 >  +} while (0)
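 Review bot: the `oldret > ret` test in ADDTORET runs only after `ret += (x)` has been evaluated, and if that addition exceeds INT_MAX the signed overflow is undefined behaviour in C, so a compiler is allowed to assume the comparison is never true and drop the error path. Test before adding, for example `if ((x) > INT_MAX - ret) { ret = EOF; goto error; }` followed by `ret += (x);`, which is valid as long as ret and x are non-negative. The macro also depends on a variable `ret` and a label `error` in the enclosing function, which deserves a comment at the definition.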
 
 If you used some appropriate unsigned integer type, the code wouldn't even
 exploit undefined behaviour.
 
 Reminds me of size_t_add() function shown here:
 http://mail-index.NetBSD.org/tech-net/2006/10/11/0008.html
 
 If there's imin() et al., functions like this should exist for basic math
 operations. You might not need them all the time but you certainly don't
 want to reinvent the wheel each time and possibly add some off-by-one
 bug or similar.
 
 >   #define	PRINT(ptr, len) do { \
 >   	iovp->iov_base = (ptr); \
 >   	iovp->iov_len = (len); \
 >  @@ -327,7 +335,7 @@ vfprintf(FILE *fp, const char *fmt0, _BS
 >   		}
 >   		if ((m = fmt - cp) != 0) {
 >   			PRINT(cp, m);
 >  -			ret += m;
 >  +			ADDTORET(m);
 >   		}
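 Review bot: `m = fmt - cp` is a pointer difference, and the declaration of m is not visible in this hunk; if m is wider than int, `ret += (x)` inside ADDTORET converts the sum back to int before `oldret > ret` is evaluated, so the comparison is not a reliable test for a length that exceeds INT_MAX. Comparing m against `INT_MAX - ret` in m's own type before the addition would cover that case.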
 
 I thought your int has only 32 bits?
 
 -- 
 Christian
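
The two approaches discussed in this mail, as an added example that is not part of the original message, the NetBSD patch, or the linked size_t_add() post: a signed accumulator checked before the addition, and an unsigned one where the after-the-fact comparison is well defined. The helper names `checked_int_add` and `checked_size_add` are hypothetical, and the sample values are constructed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical helper: add a non-negative length n to a running int total.
 * The range test runs BEFORE the addition, so no signed overflow
 * (undefined behaviour) is ever evaluated. n is ptrdiff_t so a pointer
 * difference wider than int is rejected instead of being truncated.
 */
static bool
checked_int_add(int *total, ptrdiff_t n)
{
	if (*total < 0 || n < 0 || n > INT_MAX - *total)
		return false;
	*total += (int)n;
	return true;
}

/*
 * Hypothetical unsigned variant: size_t arithmetic wraps modulo
 * SIZE_MAX + 1 by definition, so comparing after the addition is legal.
 */
static bool
checked_size_add(size_t *total, size_t n)
{
	size_t sum = *total + n;

	if (sum < *total)
		return false;
	*total = sum;
	return true;
}

int
main(void)
{
	int ret = INT_MAX - 5;		/* constructed sample value */
	size_t len = SIZE_MAX - 1;	/* constructed sample value */

	printf("%d\n", checked_int_add(&ret, 5));	/* fits */
	printf("%d\n", checked_int_add(&ret, 1));	/* rejected */
	printf("%d\n", checked_size_add(&len, 1));	/* fits */
	printf("%d\n", checked_size_add(&len, 1));	/* rejected */
	return 0;
}
```

Both helpers leave the total unchanged on failure, so the caller can map a rejected addition to its own error path, such as setting the return value to EOF.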