From: Dan Cross
Date: Fri, 15 Aug 2025 13:17:25 -0400
To: TUHS
CC: Douglas McIlroy
Subject: [TUHS] C history question: why is signed integer overflow UB?
List-Id: The Unix Heritage Society mailing list

[Note: A few folks Cc'ed directly]

This is not exactly a Unix history question, but given the close relationship between C's development and that of Unix, perhaps it is both topical and someone may chime in with a definitive answer.

Starting with the 1990 ANSI/ISO C standard, and continuing on to the present day, C has specified that signed integer overflow is "undefined behavior"; unsigned integer arithmetic is defined to be modular, and unsigned integer operations thus cannot meaningfully overflow, since they're always taken mod 2^b, where b is the number of bits in the datum (assuming unsigned int or larger, since type promotion of smaller things gets weird).

But why is signed overflow UB? My belief has always been that signed integer overflow across various machines has non-deterministic behavior, in part because some machines would trap on overflow (e.g., Unisys 1100 series mainframes) while others used non-2's-complement representations for signed integers (again, the Unisys 1100 series, which used 1's complement), and so the results could not be precisely defined: even if it did not trap, overflowing a 1's complement machine yielded a different _value_ than on 2's complement. And around the time of initial standardization, targeting those machines was still an important use case. So while 2's complement with silent wrap-around was common, it could not be assumed, and once machines that generated traps on overflow were brought into the mix, it was safer to simply declare behavior on overflow undefined.

But is that actually the case?

Thanks in advance.

        - Dan C.
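
The value difference described in the message above, as an added example that is not part of the original post: it simulates a 16-bit add in both representations using only unsigned (modular) arithmetic, and shows a range test that runs before the add. The function names and the 16-bit word size are assumptions made for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumes int is at least 32 bits; the 16-bit word size is illustrative. */

/* Range test done before adding, so no signed overflow is ever evaluated.
   A trapping machine would trap exactly where this returns true. */
bool add_would_overflow(int a, int b)
{
    return (b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b);
}

/* Encode/decode a value as a 16-bit pattern in each representation. */
uint16_t enc_twos(int v) { return (uint16_t)v; }   /* modular conversion */
uint16_t enc_ones(int v) { return v < 0 ? (uint16_t)~(uint16_t)(-v) : (uint16_t)v; }
int dec_twos(uint16_t p) { return (p & 0x8000u) ? (int)p - 65536 : (int)p; }
int dec_ones(uint16_t p) { return (p & 0x8000u) ? -(int)(uint16_t)~p : (int)p; }

/* Two's complement, silent wrap: addition mod 2^16. */
int sum_twos(int a, int b)
{
    uint32_t s = (uint32_t)enc_twos(a) + enc_twos(b);
    return dec_twos((uint16_t)s);
}

/* One's complement: carry out of bit 15 is added back (end-around carry). */
int sum_ones(int a, int b)
{
    uint32_t s = (uint32_t)enc_ones(a) + enc_ones(b);
    return dec_ones((uint16_t)((s & 0xFFFFu) + (s >> 16)));
}

int main(void)
{
    printf("in range  5 + -3:      twos=%d ones=%d\n", sum_twos(5, -3), sum_ones(5, -3));
    printf("overflow  32767 + 1:   twos=%d ones=%d\n", sum_twos(32767, 1), sum_ones(32767, 1));
    printf("overflow -32767 + -2:  twos=%d ones=%d\n", sum_twos(-32767, -2), sum_ones(-32767, -2));
    printf("INT_MAX + 1 would overflow: %d\n", add_would_overflow(INT_MAX, 1));
    return 0;
}
```

In-range sums agree in both representations; only the overflowing sums differ, which is the case the standard leaves undefined.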