On Thursday, 11 August 2011, 19:15:41, Richard Guenther wrote:
> On Thu, Aug 11, 2011 at 7:13 PM, Joe Buck <joe.b...@synopsys.com> wrote:
> > On Thu, Aug 11, 2011 at 09:05:19AM -0700, Florian Merz wrote:
> >> If I remember the standard correctly, pointer subtraction is valid if
> >> both pointers point to elements of the same array or to one past the
> >> last element of the array. According to this 0x80000000 - 0x7FFFFFFF
> >> should be a valid pointer subtraction with the result 0x00000001.
> >>
> >> But if the subtraction is treated as signed, this would be a signed
> >> integer overflow, as we subtract INT_MAX from INT_MIN, which surely
> >> must overflow, and the result therefore would be undefined.
> >
> > It is true that the C and C++ languages make signed integer overflow
> > undefined, but that's for actual integer types as declared by the user.
> > For pointers, though the subtraction has to be signed (because, for two
> > pointers, either can come later in the address space), this signed
> > subtraction has to be defined to work in a two's complement fashion (so
> > the wraparound in your example case works reliably).
>
> Of course GCC can't (yet) do both at the same time. Thus we have to
> use unsigned arithmetic when we want two's complement arithmetic.

I agree on that. Unsigned subtraction isn't entirely correct either; after all, the result might be negative, but with unsigned subtraction at least we get two's complement arithmetic without trapping.
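
Added example (not part of the original message and not GCC code): a C sketch of the case discussed in this thread, modelling 32-bit addresses as uint32_t. It shows the signed view of 0x80000000 - 0x7FFFFFFF overflowing, the unsigned subtraction wrapping to the expected result, and why that result still has to be read as signed before it is used. All function names are hypothetical and the element addresses are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Read a 32-bit pattern as two's complement without relying on the
   implementation-defined unsigned-to-signed conversion. */
static int32_t as_signed32(uint32_t u)
{
    if (u <= (uint32_t)INT32_MAX)
        return (int32_t)u;
    return -(int32_t)(UINT32_MAX - u) - 1;
}

/* True if x - y does not fit in int32_t: the case that is undefined
   when the subtraction is carried out on a signed type. */
static bool signed_sub_overflows(int32_t x, int32_t y)
{
    return (y > 0 && x < INT32_MIN + y) || (y < 0 && x > INT32_MAX + y);
}

/* Byte distance a - b: subtract unsigned (wraps, never traps), then
   reinterpret the bits as signed so "b before a" comes out negative. */
static int32_t addr_diff_wrapping(uint32_t a, uint32_t b)
{
    return as_signed32((uint32_t)(a - b));
}

/* Element distance: the division must see the signed value. Dividing
   the raw unsigned difference gives a huge positive number instead. */
static int32_t elem_diff(uint32_t a, uint32_t b, int32_t elem_size)
{
    return addr_diff_wrapping(a, b) / elem_size;
}

int main(void)
{
    uint32_t hi = 0x80000000u, lo = 0x7FFFFFFFu; /* values from the thread */

    printf("signed view overflows: %d\n",
           signed_sub_overflows(as_signed32(hi), as_signed32(lo)));
    printf("hi - lo = %ld\n", (long)addr_diff_wrapping(hi, lo));
    printf("lo - hi = %ld (raw unsigned: 0x%08lX)\n",
           (long)addr_diff_wrapping(lo, hi), (unsigned long)(uint32_t)(lo - hi));
    /* constructed addresses: two 4-byte elements straddling the boundary */
    printf("elements: %ld\n", (long)elem_diff(0x7FFFFFFCu, 0x80000004u, 4));
    return 0;
}
```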