[TYPES] Declarative vs imperative
Martin Escardo
m.escardo at cs.bham.ac.uk
Tue Apr 23 16:38:29 EDT 2013
On 23/04/13 19:32, Uday S Reddy wrote:
> If I paid
> good money for a C compiler, I would definitely demand that it should have
> an option to randomize the evaluation order of arguments.

You can compliantly randomize code generation for security purposes, as
is well known --- see e.g.

https://wiki.ubuntu.com/Security/Features#Userspace_Hardening
http://en.wikipedia.org/wiki/Buffer_overflow_protection

So, yes, as Uday says, a compiler can be non-deterministic in practice,
even deliberately (and I suspect non-deliberately too).

I haven't seen randomization for the resolution of unspecified
evaluation order in the standard definition of C (or any underspecified
language) yet, as Uday suggests, but I would be surprised if people
working on (applied or theoretical) program verification didn't think of
that already.

M.
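
What a randomized choice of the unspecified argument order would expose, as an added example that is not part of the original message: the harness below evaluates the two arguments of a call in both orders explicitly and reports whether the result changes. All function names and the sample state are constructed for illustration.

```c
#include <stdio.h>

/* Shared state touched by the argument expressions (constructed sample). */
typedef struct { int counter; } state_t;
typedef int (*arg_fn)(state_t *);

static int next_id(state_t *s)  { return ++s->counter; }  /* writes shared state */
static int read_id(state_t *s)  { return s->counter; }    /* reads shared state  */
static int constant(state_t *s) { (void)s; return 7; }    /* no shared state     */

static int combine(int a, int b) { return a * 10 + b; }

/* Models combine(f(), g()) with the argument order fixed explicitly:
 * order 0 = left-to-right, order 1 = right-to-left. A C compiler may
 * pick either one, because the order is unspecified by the standard. */
static int call_with_order(arg_fn f, arg_fn g, int order)
{
    state_t s = { 0 };   /* fresh state for every trial */
    int a, b;
    if (order == 0) { a = f(&s); b = g(&s); }
    else            { b = g(&s); a = f(&s); }
    return combine(a, b);
}

/* Returns 1 when the call's result depends on the order chosen, i.e. the
 * code relies on behaviour the language leaves unspecified. */
static int order_dependent(arg_fn f, arg_fn g)
{
    return call_with_order(f, g, 0) != call_with_order(f, g, 1);
}

int main(void)
{
    printf("combine(next_id, next_id): L2R=%d R2L=%d dependent=%d\n",
           call_with_order(next_id, next_id, 0),
           call_with_order(next_id, next_id, 1),
           order_dependent(next_id, next_id));
    printf("combine(next_id, read_id): dependent=%d\n",
           order_dependent(next_id, read_id));
    printf("combine(constant, next_id): dependent=%d\n",
           order_dependent(constant, next_id));
    return 0;
}
```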