On Wed, Jan 24, 2007 at 07:51:21AM -0500, Richard Kenner wrote:
> > Your conclusion may well be correct. The question for this group is:
> > what's the best that GCC can do to serve the community/society?
>
> Do all it can to discourage people from writing safety- or
> security-critical code in a language they don't understand? ;-)
The problem goes all the way back to the original Bell Labs crew. They put out a book saying that signed int overflow in C was undefined, and then proceeded to write an OS and a set of utilities that was full of the assumption that signed overflow wrapped. Suddenly rejecting all that code, or making it generate a different result, would not serve the community/society.

On the other hand, for loop unrolling, C compilers have long made assumptions about ignoring overflows. Refusing to do that, and slowing things down, also would not serve the community/society.

The challenge, then, is to figure out some kind of compromise that can be defined in a robust manner. The current situation in C is that according to the *real* definition that people code to, signed int overflow wraps, except in certain cases where we assume that signed int overflow does not occur, and we're fuzzy about just what those cases are.
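The following is an added illustration of the two coding styles the message contrasts; it is not part of the original mail and not GCC code. The first function is the "signed overflow wraps" idiom found in old C: it detects overflow by performing the addition and comparing, which is undefined behaviour under the standard, so an optimizing compiler is allowed to fold `x + n < x` to `n < 0` and remove the check entirely. The other functions get the same answer without ever executing undefined arithmetic. The `__builtin_add_overflow` variant assumes GCC (5 or later) or Clang; the wrapping helper assumes a two's-complement target, which is what every mainstream GCC target is.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* The historic idiom: written as though signed overflow wraps.
 * When x + n overflows this is undefined behaviour, and GCC at -O2
 * may legitimately compile the body as `return n < 0;`, deleting the
 * overflow check the programmer thought they had written. */
bool add_overflows_naive(int x, int n)
{
    return x + n < x;
}

/* Defined on every input: test against the limits before adding. */
bool add_overflows_checked(int x, int n)
{
    if (n > 0)
        return x > INT_MAX - n;
    return x < INT_MIN - n;
}

/* Compiler builtin (GCC >= 5, Clang): reports overflow and stores the
 * wrapped result without performing any undefined operation. */
bool add_overflows_builtin(int x, int n)
{
    int out;
    return __builtin_add_overflow(x, n, &out);
}

/* When wraparound really is the wanted behaviour, ask for it in unsigned
 * arithmetic, which the standard defines as modulo 2^N. Converting the
 * result back to int is implementation-defined before C23 and modular on
 * two's-complement targets (assumed here). */
int add_wrapping(int x, int n)
{
    return (int)((unsigned)x + (unsigned)n);
}

int main(void)
{
    /* Constructed input chosen to overflow a 32-bit int. */
    int x = INT_MAX, n = 1;

    /* Result depends on optimization level: the naive check may print 0
     * at -O2 and 1 at -O0, because the overflow it relies on is UB. */
    printf("naive   : %d\n", add_overflows_naive(x, n));
    printf("checked : %d\n", add_overflows_checked(x, n));
    printf("builtin : %d\n", add_overflows_builtin(x, n));
    printf("wrapped : %d\n", add_wrapping(x, n));
    return 0;
}
```

Compile the block twice, with `-O0` and with `-O2`, and compare the first line of output: the defined variants agree at every level, while the naive one is only "correct" when the compiler happens not to exploit the undefined overflow. That divergence is exactly the fuzziness the message complains about.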