Date: Sat, 02 Jul 2005 23:12:00 -0000
From: Nicholas Nethercote
To: Florian Weimer
cc: Robert Dewar, Olivier Galibert, Dave Korn, 'Andrew Haley', 'Gabriel Dos Reis', 'Andrew Pinski', 'gcc mailing list'
Subject: Re: signed is undefined and has been since 1992 (in GCC)
In-Reply-To: <8764vt2kq3.fsf@deneb.enyo.de>
References: <20050628171752.GE52889@dspnet.fr.eu.org> <20050628180203.GG52889@dspnet.fr.eu.org> <42C19C5A.2040705@adacore.com> <20050628191746.GJ52889@dspnet.fr.eu.org> <42C1A318.4040407@adacore.com> <8764vt2kq3.fsf@deneb.enyo.de>
X-SW-Source: 2005-07/txt/msg00073.txt.bz2

On Sat, 2 Jul 2005, Florian Weimer wrote:

>> I am puzzled, why would *ANYONE* who knows C use int
>> rather than unsigned if they want wrap around semantics?
>
> Both OpenSSL and Apache programmers did this, in carefully reviewed
> code which was written in response to a security report. They simply
> didn't know that there is a potential problem. The reason for this
> gap in knowledge isn't quite clear to me.
I've done a lot of C programming in the last three years, and for my day job I'm working on a C compiler (albeit in parts that are not very C specific), and I didn't know that signed overflow is undefined. Why not? I guess I never heard otherwise and I just assumed it would wrap due to two's complement arithmetic. I don't think I've ever written a serious C program that required wrap-around on overflow, though.

Nick
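An added example, not code from the thread, showing the mistake under discussion: an overflow check written on `int` in the belief that it wraps, beside two well-defined alternatives (a pre-check against `INT_MAX`/`INT_MIN`, and doing the arithmetic in `unsigned`, which C guarantees to wrap). Function names are my own.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* The pattern the thread describes: the author assumes two's-complement
 * wrap-around, so `sum < a` is meant to catch overflow.  Signed overflow
 * is undefined in C, so an optimising compiler may treat `a + b < a` as
 * always false for positive b and drop the check entirely.  Kept here
 * only to show the shape of the bug; never call it with overflowing input. */
static bool overflowed_wrap_assumption(int a, int b) {
    int sum = a + b;                    /* undefined when a + b overflows */
    return (b > 0) ? (sum < a) : (sum > a);
}

/* Correct form: decide before adding, so no signed overflow ever happens. */
static bool add_would_overflow(int a, int b) {
    if (b > 0) return a > INT_MAX - b;
    if (b < 0) return a < INT_MIN - b;
    return false;
}

/* Checked add: returns false and leaves *out untouched on overflow. */
static bool checked_add(int a, int b, int *out) {
    if (add_would_overflow(a, b)) return false;
    *out = a + b;
    return true;
}

/* Unsigned arithmetic is defined to wrap modulo 2^N, which is what the
 * code in the thread actually wanted; here the post-check is valid. */
static unsigned wrapping_uadd(unsigned a, unsigned b) {
    return a + b;                       /* wraps, no undefined behaviour */
}

static bool uadd_carried(unsigned a, unsigned b) {
    return wrapping_uadd(a, b) < a;     /* well defined on unsigned */
}

int main(void) {
    int r;
    printf("checked_add(INT_MAX, 1) ok? %s\n",
           checked_add(INT_MAX, 1, &r) ? "yes" : "no (overflow caught)");
    printf("UINT_MAX + 1u -> %u, carry=%d\n",
           wrapping_uadd(UINT_MAX, 1u), (int)uadd_carried(UINT_MAX, 1u));
    printf("small signed sum safe? %d\n", overflowed_wrap_assumption(1, 2));
    return 0;
}
```

GCC 5 and later also provide `__builtin_add_overflow`, which performs the pre-checked addition in one call.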