On Sat, Sep 3, 2011 at 5:08 PM, Eric Botcazou <ebotca...@adacore.com> wrote:
>> Well, for real-world code I believe that. But see all the recent testcases
>> for corner-cases of our signed-overflow stuff, they all require
>> hand-crafted testcases involving INT_MIN, no inlining and even -ftrapv.
>> What I meant to say is, given Ada can construct arbitrarily laid out types it
>> should be possible to have testcases for all the corner-cases - after all
>> you cannot have both, undefined overflow and wrapping overflow, at the same
>> time.
>
> Don't forget that we pretend that sizetypes don't overflow; in other words, we
> don't support arbitrarily-sized types, so no INT_MAX or something like that.

I know what we "pretend", but "pretending" is far from a rigorous specification
of behavior. What's the range of valid sizes we support? Are all sizetype
(sub-)expressions always of value in that range? What do we do about the fact
that sizetype is unsigned, so -x always overflows for x != 0? Thus, do we need
to disable all a - b -> a + -b kind of foldings for sizetypes? (we don't)

What I see we pretend is that "sizetype" is supposed to be of infinite precision
(well, infinite "enough" to handle all (sub-)expressions of sizetype that may
occur). An unsigned type isn't well-suited for that, of course. A type that is
of the same precision as pointers possibly neither, considering sub-expressions.
Given the restriction we impose in the C frontend (objects can be max covering
half of the address-space) making all sizetypes signed would probably make
sense (but that isn't easy, I've tried that already - keeping them unsigned but
no longer sign-extending was way easier ;))

>> Ok, I'll revert it on Monday.
>
> Thanks. I'll give the complete patch a try on our internal testsuite.

Thanks. I'll expect some fallout.

Richard.

> --
> Eric Botcazou
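The following is an added illustration of the sub-expression point made in the reply above; it is not code from the thread or from GCC. It assumes a 32-bit sizetype and models the "objects cover at most half the address space" restriction as the range 0 .. 2^31, then evaluates a - b both as the machine does (modular) and as if sizetype had infinite precision, checking whether the intermediate -b of the a + -b folding stays in range.

```c
#include <stdint.h>
#include <stdbool.h>

/* Assumed width of sizetype for this demonstration (real GCC sizetypes
 * follow the target's pointer width). */
typedef uint32_t sizetype;

/* Assumed "valid size" range derived from the half-address-space rule. */
#define SIZE_LIMIT ((int64_t)1 << 31)

/* a - b evaluated directly with modular unsigned arithmetic. */
sizetype sub_direct(sizetype a, sizetype b) { return a - b; }

/* The same value after the a - b -> a + -b folding; -b wraps for b != 0,
 * but modulo 2^32 the sum lands on the same result as sub_direct. */
sizetype sub_folded(sizetype a, sizetype b) { return a + (sizetype)(0u - b); }

typedef struct {
    int64_t result;          /* mathematical (infinite-precision) value of a - b */
    bool direct_in_range;    /* a - b: only the final value has to be a valid size */
    bool folded_in_range;    /* a + -b: the intermediate -b must be valid as well */
} precise_eval;

static bool in_range(int64_t v) { return v >= 0 && v <= SIZE_LIMIT; }

/* Evaluate a - b as if sizetype were "infinite enough" (int64_t suffices for
 * 32-bit inputs) and report whether every sub-expression stayed in range.
 * For any b != 0 the folded form produces a negative intermediate, which the
 * "sizetypes don't overflow" pretense has no representation for. */
precise_eval sub_precise(sizetype a, sizetype b) {
    precise_eval e;
    int64_t neg_b = -(int64_t)b;
    e.result = (int64_t)a - (int64_t)b;
    e.direct_in_range = in_range(e.result);
    e.folded_in_range = in_range(neg_b) && in_range(e.result);
    return e;
}
```

Modular evaluation is unaffected by the folding, while the range-based model is violated by the intermediate alone even when a - b itself is a perfectly valid size.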