This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug middle-end/48580] missed optimization: integer overflow checks


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48580

--- Comment #17 from Martin von Gagern <Martin.vGagern at gmx dot net> 2013-02-02 18:54:43 UTC ---
(In reply to comment #16)
> I somewhat disagree. A program must be correct; it should be secure;
> and it can be efficient. I'm interested in "correct" and "secure".
> If a program silently overflows, it's surely not correct.

I'm not talking about silently ignoring overflows, quite the contrary. Always
doing the correct thing leads to arbitrary size integers. Checking all (signed)
arithmetic leads to -ftrapv. Checking some arithmetic might perhaps be achieved
with the signalling types from comment #12, although semantics for mixed types
might be problematic. The non-signalling versions will only improve things if
one actually checks the additional information after the operation, which might
easily be forgotten. Checking individual operations could also (and in my
opinion better) be achieved with builtins, and in this case a warning could be
issued if the return value indicating the overflow is ignored. Builtins might
even allow using specific overflow semantics for code otherwise compiled with
-ftrapv, thus increasing the usability of that flag.
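The following is an added illustration of the "check individual operations with a builtin that returns an overflow flag, and warn when the flag is ignored" approach argued for above; it is not code from this bug report or from any of its participants. It assumes a GCC-compatible compiler: the `__builtin_add_overflow` / `__builtin_mul_overflow` builtins exist in GCC 5 and later and in clang (they postdate this 2013 comment), and `__attribute__((warn_unused_result))` is the GCC mechanism used here to get the warning about an ignored overflow flag. A portable fallback is included so the code still builds where the builtins are absent; the helper names are this example's own.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Portable checked add for int. The operands are tested before the add so
 * the function itself never performs a signed overflow (undefined behaviour
 * in C: a post-hoc "if (a + b < a)" test is not a valid check and the
 * optimizer may delete it). Returns true on overflow; *res is then untouched. */
static bool checked_add_portable(int a, int b, int *res)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return true;
    *res = a + b;
    return false;
}

/* Portable checked multiply for size_t (allocation sizes). Unsigned
 * arithmetic wraps rather than being undefined, but a wrapped size is still
 * the classic undersized-buffer bug, so it is reported the same way. */
static bool checked_mul_size_portable(size_t n, size_t elem, size_t *res)
{
    if (elem != 0 && n > SIZE_MAX / elem)
        return true;
    *res = n * elem;
    return false;
}

/* Detect the GCC/clang overflow builtins (GCC 5+, clang). They return true
 * on overflow and store the wrapped result in *res. */
#if defined(__has_builtin)
#  if __has_builtin(__builtin_add_overflow)
#    define HAVE_OVERFLOW_BUILTINS 1
#  endif
#elif defined(__GNUC__) && __GNUC__ >= 5
#  define HAVE_OVERFLOW_BUILTINS 1
#endif

/* warn_unused_result is what produces the "overflow flag ignored" warning
 * the comment asks for; it is a no-op on compilers without the attribute. */
#if defined(__GNUC__)
#  define MUST_CHECK __attribute__((warn_unused_result))
#else
#  define MUST_CHECK
#endif

/* Builtin-backed wrappers with a portable fallback. */
MUST_CHECK static bool checked_add(int a, int b, int *res)
{
#ifdef HAVE_OVERFLOW_BUILTINS
    return __builtin_add_overflow(a, b, res);
#else
    return checked_add_portable(a, b, res);
#endif
}

MUST_CHECK static bool checked_mul_size(size_t n, size_t elem, size_t *res)
{
#ifdef HAVE_OVERFLOW_BUILTINS
    return __builtin_mul_overflow(n, elem, res);
#else
    return checked_mul_size_portable(n, elem, res);
#endif
}

/* Typical use: compute an allocation size and refuse on overflow rather than
 * allocating a wrapped, too-small buffer. Returns 0 on overflow. */
static size_t alloc_size_or_zero(size_t count, size_t elem)
{
    size_t bytes;
    if (checked_mul_size(count, elem, &bytes))
        return 0;
    return bytes;
}

int main(void)
{
    int r;
    printf("INT_MAX + 1 overflows: %s\n",
           checked_add(INT_MAX, 1, &r) ? "yes" : "no");
    printf("bytes for (SIZE_MAX/2) elements of 4: %zu\n",
           alloc_size_or_zero(SIZE_MAX / 2, 4));
    return 0;
}
```

Calling `checked_add(a, b, &r);` as a bare statement makes GCC emit a warning (with `-Wall`, via `-Wunused-result`), which is the compile-time reminder that the non-signalling types discussed above cannot give; the builtin versions also compile to the overflow-flag test that the hand-written comparisons try to express.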

