Help stabilising mini-gmp

Niels Möller nisse at lysator.liu.se
Fri Nov 25 18:10:03 UTC 2016


tg at gmplib.org (Torbjörn Granlund) writes:

> I assume "undefined" means that the computer will not explode, or even
> cause any less dramatic security issues, or even terminate execution.

I think a typical operation with "undefined" meaning is dereferencing a
NULL pointer. Which on most current systems will terminate execution.

A system where left shift can crash seems a bit more unlikely. But I
guess it's conceivable with a processor and C compiler featuring an
"arithmetic left shift" instruction which traps on signed overflow.
Which would be compliant with the C standard.

But it's surprising to me too that also non-overflowing left shift of
negative values is undefined. So it seems generally unsafe to use shift
on signed types, except possibly for constants.

/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
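The point above, that even a non-overflowing left shift of a negative value is undefined in C (C11 6.5.7p4), is illustrated below with a helper that multiplies a signed 32-bit value by 2^n without ever applying `<<` to a signed operand. This is an added example and not code from mini-gmp, GMP or the author; the function name `safe_shl_i32` and its interface are assumptions made here for illustration. It shifts the unsigned two's-complement image of the value, range-checks for overflow beforehand, and converts a negative result back through its complement so that no out-of-range unsigned-to-signed conversion (implementation-defined before C23) is needed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Compute x * 2^n without ever applying << to a signed operand.
 * C11 6.5.7p4 makes x << n undefined whenever x is negative, even if the
 * mathematical result fits, and also when a non-negative x overflows.
 * Returns false (and leaves *out untouched) if n is out of range or
 * x * 2^n does not fit in int32_t.  (Hypothetical helper, not GMP code.) */
bool safe_shl_i32(int32_t x, unsigned n, int32_t *out)
{
    if (n >= 32)
        return false;

    /* Largest magnitude whose shifted value still fits.  Right-shifting
     * a non-negative signed value is well-defined, so this is safe. */
    int32_t limit = INT32_MAX >> n;
    if (x >= 0 ? x > limit : x < -limit - 1)
        return false;

    /* Signed-to-unsigned conversion is defined as reduction mod 2^32
     * (6.3.1.3), and shifting an unsigned value is defined mod 2^32. */
    uint32_t u = (uint32_t)x << n;

    if (u & UINT32_C(0x80000000)) {
        /* Negative result: rebuild it from the one's complement, which is
         * in range for int32_t, so no out-of-range conversion occurs. */
        *out = -(int32_t)(uint32_t)~u - 1;
    } else {
        *out = (int32_t)u;
    }
    return true;
}

int main(void)
{
    /* Constructed inputs: the cases the discussion is about. */
    const int32_t xs[] = { -1, -1, -3, 1, 1, INT32_MIN };
    const unsigned ns[] = { 1, 31, 5, 30, 31, 0 };
    for (size_t i = 0; i < sizeof xs / sizeof xs[0]; i++) {
        int32_t r;
        if (safe_shl_i32(xs[i], ns[i], &r))
            printf("%11d * 2^%-2u = %11d\n", xs[i], ns[i], r);
        else
            printf("%11d * 2^%-2u does not fit in int32_t\n", xs[i], ns[i]);
    }
    return 0;
}
```

The range check uses `INT32_MAX >> n` rather than `INT32_MIN >> n` because right-shifting a negative signed value is implementation-defined, so the lower bound is derived from the upper one instead.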


More information about the gmp-devel mailing list