This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Signed int overflow behavior in the security context
- From: Paul Schlie <schlie at comcast dot net>
- To: Robert Dewar <dewar at adacore dot com>
- Cc: Richard Guenther <richard dot guenther at gmail dot com>, Joe Buck <Joe dot Buck at synopsys dot com>, Andreas Bogk <andreas at andreas dot org>, <gcc at gcc dot gnu dot org>
- Date: Sat, 27 Jan 2007 22:20:55 -0500
- Subject: Re: Signed int overflow behavior in the security context
> Robert Dewar wrote
>> Paul Schlie wrote:
>> - However x ^= x :: 0 for example is well defined because absent any
>> intervening assignments, all references to x must semantically yield the
>> same value, regardless of what that value may be.
>
> Nope, there is no such requirement in the standard. Undefined means
> undefined. Again you are confusing the language C defined in the C
> standard with some ill-defined language in your mind with different
> semantics. Furthermore, it is quite easy to see how in practice you
> might get different results on successive accesses.

I'm game; how might multiple specified references to the same non-volatile
variable with no specified intervening assignments in a single-threaded
language ever justifiably be interpreted to validly yield differing values?
(any logically consistent concrete example absent reliance on undefined
hand-waving would be greatly appreciated; as any such interpretation or
implementation would seem clearly logically inconsistent and thereby
useless; as although the value of a variable may be undefined, variable
reference semantics are well defined and are independent of its value)