
Since when does GCC *assume* the program to be correct?

Posted Apr 18, 2008 16:19 UTC (Fri) by viro (subscriber, #7872)
In reply to: Since when does GCC *assume* the program to be correct? by brouhaha
Parent article: GCC and pointer overflows

Standard is a contract between authors of program and authors of
C implementation; if program invokes undefined behaviour, all bets
are off.  It is allowed to compile the check in question into "check
if addition had triggered an overflow; if it had, before bothering
with any comparisons do unto luser what Simon would have done
on a particularly bad day".

It can also turn that into "if addition overflows, take the value of
first argument".  And optimize according to that.

It's not a matter of optimizing your comparisons away; it's a matter
of addition having no prescribed semantics in case of overflows,
regardless of optimizations.
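The check the thread is arguing about, as an added example (not code from either poster or from GCC): the wraparound test that relies on pointer overflow having a meaning, beside a check that compares lengths within the object instead. The function names and the sample buffer are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* "Before": the idiom under discussion.  If buf + len leaves the object,
 * the addition is undefined, so the compiler may assume p >= buf always
 * holds and drop the first test entirely.  Kept only to show the pattern. */
int within_bounds_ub(const char *buf, const char *end, size_t len)
{
    const char *p = buf + len;   /* undefined if this leaves the object */
    if (p < buf)                 /* wraparound test: may be folded to false */
        return 0;
    return p <= end;
}

/* Defined version: never form an out-of-range pointer.  end - buf is
 * defined because both pointers refer to the same object, and comparing
 * sizes has ordinary unsigned semantics. */
int within_bounds_ok(const char *buf, const char *end, size_t len)
{
    if (end < buf)
        return 0;
    return len <= (size_t)(end - buf);
}

/* Constructed 64-byte object used for the demonstration below. */
static char sample[64];

int check_sample(size_t len)
{
    return within_bounds_ok(sample, sample + sizeof sample, len);
}

int main(void)
{
    printf("len 64 fits: %d\n", check_sample(64));          /* 1 */
    printf("len 65 fits: %d\n", check_sample(65));          /* 0 */
    printf("len SIZE_MAX fits: %d\n", check_sample(SIZE_MAX)); /* 0 */
    return 0;
}
```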



Since when does GCC *assume* the program to be correct?

Posted Apr 18, 2008 21:00 UTC (Fri) by nix (subscriber, #2304)

Well said. Also, while in some cases it is a QoI issue which high-quality
implementations will in some cases prescribe useful semantics for, this
isn't such a case. I can't think of any particularly useful semantics for
pointer wraparound, especially given that distinct objects have no defined
nor stable relationships with each other anyway. Operating under the rules
of modular arithmetic might have been nice, and perhaps a more recent
language would define that...

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds