This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Signed int overflow behavior in the security context

From: prj at po dot cwru dot edu (Paul Jarc)
To: Paul Schlie <schlie at comcast dot net>
Cc: GCC Development <gcc at gcc dot gnu dot org>
Date: Tue, 30 Jan 2007 00:24:53 -0500
Subject: Re: Signed int overflow behavior in the security context
References: <C1E439DC.FB66%schlie@comcast.net>

Paul Schlie <schlie@comcast.net> wrote:
> Paul Jarc wrote:
>> As noted in the defect report, a trap representation can have the
>> same bit pattern as a valid value.  Trapness depends not just on
>> the bit pattern, but also how the bit pattern was produced.
>
> - that's not what is says

Did you read it?

# Implementations are permitted to track the origins of a bit-pattern
# and treat those representing an indeterminate value as distinct from
# those representing a determined value.

> a pointer value may be/become a trap representation [...]

That is also true, but there is more than that.

> is required to be well specified [...] as otherwise the language
> couldn't be utilized to write even the most hardware drivers
> required of all computer systems.

In a sense, the language *can't* be used to write most hardware
drivers.  Drivers do invoke undefined behavior - that is, the standard
makes no guarantees about their behavior - but the particular platform
they are targeted for makes its own guarantees, so the code is still
useful, even though it is not strictly conforming C.

paul

References:
- Re: Signed int overflow behavior in the security context
  - From: Paul Schlie

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]