From: kaih@khms.westfalen.de (Kai Henningsen)
To: gcc@gcc.gnu.org
Subject: Re: basic VRP min/max range overflow question
Date: Sun, 19 Jun 2005 10:18:00 -0000 [thread overview]
Message-ID: <9Z96FTq1w-B@khms.westfalen.de> (raw)
In-Reply-To: <42B48D43.2070100@adacore.com>
dewar@adacore.com (Robert Dewar) wrote on 18.06.05 in <42B48D43.2070100@adacore.com>:
> Here is an interesting example I have used sometimes to indicate just
> how this kind of information can propagate in a manner that would result
> in unexpected chaos. (Ada but obvious analogies in other languages)
>
>
> -- process command to delete system disk, check password first
>
> loop
> read (password)
> if password = expected_password then
> delete_system_disk;
> else
> complain_about_bad_password;
> npassword_attempts := npassword_attempts + 1;
> if npassword_attempts = 4 then
> abort_execution;
> end if;
> end if;
> end loop;
>
> Now suppose that npassword_attempt is not initialized, and we are in a
> language where doing an operation on an uninitialized value is undefined,
> erroneous or whatever other term is used for undefined disaster.
>
> Now the compiler can assume that npassword_attempts is not referenced,
> therefore it can assume that the if check on password is true, therefore
> it can omit the password check AARGH!
>
> This kind of backward propagation of undefinedness is indeed worrisome,
> but it is quite difficult to create a formal definition of undefined
> that prevents it.
But at least, in that case, the compiler could easily issue the
(presumably not required by the standard) warning that the else branch is
"unreachable code".
1/2 :-)
MfG Kai
next prev parent reply other threads:[~2005-06-19 10:18 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-18 14:15 Paul Schlie
2005-06-18 16:19 ` Joseph S. Myers
2005-06-18 17:44 ` Paul Schlie
2005-06-18 18:05 ` Paul Schlie
2005-06-18 18:21 ` Joseph S. Myers
2005-06-18 18:50 ` Paul Schlie
2005-06-18 19:57 ` Joseph S. Myers
2005-06-18 21:01 ` Florian Weimer
2005-06-19 10:18 ` Kai Henningsen
2005-06-20 22:20 ` Mike Stump
2005-06-18 19:16 ` Paul Schlie
2005-06-18 21:26 ` Robert Dewar
2005-06-19 18:23 ` Paul Schlie
2005-06-20 2:44 ` Robert Dewar
2005-06-20 5:55 ` Paul Schlie
2005-06-20 10:14 ` Michael Veksler
2005-06-20 11:04 ` Paul Schlie
2005-06-20 11:32 ` Robert Dewar
2005-06-20 12:08 ` Paul Schlie
2005-06-20 12:39 ` Robert Dewar
2005-06-20 13:01 ` Paul Schlie
2005-06-20 13:14 ` Robert Dewar
2005-06-20 12:23 ` Michael Veksler
2005-06-20 12:46 ` Robert Dewar
2005-06-20 10:43 ` Robert Dewar
2005-06-20 10:54 ` Robert Dewar
2005-06-20 11:26 ` Paul Schlie
2005-06-20 11:34 ` Robert Dewar
2005-06-20 12:09 ` Paul Schlie
2005-06-20 11:14 ` Paul Schlie
2005-06-20 12:53 ` Michael Veksler
2005-06-20 12:59 ` Robert Dewar
2005-06-20 13:09 ` Paul Schlie
2005-06-20 13:17 ` Robert Dewar
2005-06-20 14:54 ` Michael Veksler
2005-06-20 18:01 ` Paul Schlie
2005-06-18 18:08 ` Joseph S. Myers
2005-06-18 21:08 ` Robert Dewar
2005-06-19 10:18 ` Kai Henningsen [this message]
2005-06-19 10:49 ` Robert Dewar
2005-06-20 13:22 ` Sebastian Pop
2005-06-20 18:10 ` DJ Delorie
2005-07-13 7:57 ` Sebastian Pop
2005-07-13 15:18 ` DJ Delorie
2005-06-21 15:21 ` Robert Dewar
2005-07-18 16:34 ` Sebastian Pop
2005-07-18 16:44 ` Robert Dewar
2005-07-19 6:44 ` Sebastian Pop
2005-07-19 7:07 ` Michael Veksler
2005-07-19 9:55 ` Sebastian Pop
2005-07-19 10:22 ` Michael Veksler
2005-06-20 19:53 ` Kai Henningsen
2005-06-18 20:55 ` Robert Dewar
2005-06-18 22:45 ` Tristan Wibberley
2005-06-20 21:47 ` Mike Stump
-- strict thread matches above, loose matches on Subject: below --
2005-06-17 12:00 Paul Schlie
2005-06-17 12:09 ` Paolo Bonzini
2005-06-17 18:29 ` Paul Schlie
2005-06-17 22:09 ` Paolo Bonzini
2005-06-17 22:48 ` Diego Novillo
2005-06-18 0:20 ` Paul Schlie
2005-06-18 0:23 ` Andrew Pinski
2005-06-18 0:59 ` Paul Schlie
2005-06-18 1:10 ` Dale Johannesen
2005-06-18 4:09 ` Mike Stump
[not found] ` <25364524.1119085038744.JavaMail.root@dtm1eusosrv72.dtm.ops.eu.uu.net>
2005-06-18 11:47 ` Toon Moene
2005-06-18 2:02 ` Robert Dewar
2005-06-17 4:28 Paul Schlie
2005-06-17 7:03 ` Paolo Bonzini
2005-06-17 12:28 ` Diego Novillo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9Z96FTq1w-B@khms.westfalen.de \
--to=kaih@khms.westfalen.de \
--cc=gcc@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).