Mailing-List: contact gcc-help@gcc.gnu.org; run by ezmlm
Date: Fri, 17 Jun 2005 12:00:00 -0000
Subject: Re: basic VRP min/max range overflow question
From: Paul Schlie
To: Paolo Bonzini
X-SW-Source: 2005-06/txt/msg00698.txt.bz2

> Paolo Bonzini wrote:
>> Upon a potential integer overflow of either its min or max range,
>> shouldn't the result be set to [min:type-min-value, max:type-max-value],
>> without the necessity of any further designations?
>
> No.
>
> [10, INT_MAX] + [ 1, 1 ] == [ 11, INT_MAX ] because of the famous signed
> int overflow definition in the C standard.
>
> [10U, UINT_MAX] + [ 1U, 1U ] == ~[ 1U, 10U ]

??? Do you mean:

  H.2.2 Integer types

  [#1] The signed C integer types int, long, long long and the
  corresponding unsigned types are compatible with LIA-1. If an
  implementation adds support for the LIA-1 exceptional values
  integer_overflow and undefined, then those types are LIA-1
  conformant types. C's unsigned integer types are "modulo" in the
  LIA-1 sense in that overflows or out-of-bounds results silently
  wrap. An implementation that defines signed integer types as also
  being modulo need not detect integer overflow, in which case, only
  integer divide-by-zero need be detected.

Where in combination with:

  5.1.2.3 Program execution

  Examples

  2. In executing the fragment

       char c1, c2;
       /* ... */
       c1 = c1 + c2;

  the ``integer promotions'' require that the abstract machine promote
  the value of each variable to int size and then add the two ints and
  truncate the sum. Provided the addition of two chars can be done
  without overflow, or with overflow wrapping silently to produce the
  correct result, the actual execution need only produce the same
  result, possibly omitting the promotions.

It seems pretty clear given that for all practical purposes all typical
machines do silently wrap integer overflow, they all correspondingly yield:

  [10, INT_MAX] + [ 1, 1 ] == [INT_MIN, INT_MAX ]

  [10U, UINT_MAX] + [ 1U, 1U ] == [UINT_MIN, UINT_MAX]

or more generally: [_MIN, _MAX] upon overflow.
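
Added example, not part of the original message or of GCC: an exhaustive check of the range results discussed above. It assumes a constructed 8-bit stand-in for the int and unsigned ranges so every input can be enumerated, and all function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed 8-bit stand-in for the ranges in the message, small enough to
   enumerate every input. Values are bit patterns that wrap modulo 256;
   pattern 0x80 is INT8_MIN when read as a signed value. */

/* Is v a possible result of (x + k) mod 256 for some x in [lo, hi]? */
static bool reachable(unsigned lo, unsigned hi, unsigned k, unsigned v)
{
    for (unsigned x = lo; x <= hi; x++)
        if ((uint8_t)(x + k) == v)
            return true;
    return false;
}

/* Number of distinct results: the size of the tightest correct answer. */
static unsigned reachable_count(unsigned lo, unsigned hi, unsigned k)
{
    unsigned n = 0;
    for (unsigned v = 0; v < 256; v++)
        n += reachable(lo, hi, k, v);
    return n;
}

/* A claimed range [rlo, rhi] is sound if no result falls outside it. */
static bool range_is_sound(unsigned lo, unsigned hi, unsigned k,
                           unsigned rlo, unsigned rhi)
{
    for (unsigned v = 0; v < 256; v++)
        if (reachable(lo, hi, k, v) && (v < rlo || v > rhi))
            return false;
    return true;
}

/* The anti-range ~[a, b] is exact if the results are everything but a..b. */
static bool anti_range_is_exact(unsigned lo, unsigned hi, unsigned k,
                                unsigned a, unsigned b)
{
    for (unsigned v = 0; v < 256; v++)
        if (reachable(lo, hi, k, v) == (v >= a && v <= b))
            return false;
    return true;
}

int main(void)
{
    printf("unsigned ~[1,10] exact: %d\n", anti_range_is_exact(10, 255, 1, 1, 10));
    printf("unsigned [0,255] sound: %d (%u of 256 values occur)\n",
           range_is_sound(10, 255, 1, 0, 255), reachable_count(10, 255, 1));
    printf("wrapping signed [11,127] sound: %d\n", range_is_sound(10, 127, 1, 11, 127));
    return 0;
}
```

For the unsigned case both answers are sound; the anti-range is the exact set and the full type range is a superset of it. For the signed case, [11, 127] holds only when overflow is treated as undefined, since a wrapping implementation also produces pattern 0x80.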