This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Ada front-end depends on signed overflow
- From: Andrew Pinski <pinskia at physics dot uc dot edu>
- To: fw at deneb dot enyo dot de (Florian Weimer)
- Cc: schlie at comcast dot net (Paul Schlie), pinskia at physics dot uc dot edu (Andrew Pinski), gcc at gcc dot gnu dot org (GCC List), bosch at gnat dot com
- Date: Fri, 3 Jun 2005 11:20:52 -0400 (EDT)
- Subject: Re: Ada front-end depends on signed overflow
>
> * Paul Schlie:
>
> >> (Without -fwrapv, integer overflow is undefined, and subsequent range
> >> checks can be optimized away, so that it might cause erroneous
> >> behavior.)
> >
> > - Since for all practical purposes most (if not all) targets use
> > 2's complement integer representations which naturally "wrap", might
> > it be simply best to presume that all do "wrap" by default, but allow
> > -fnowrapv to disable it if ever required by the odd target/language?
>
> Enabling -fwrapv disables quite a few optimizations on signed integer
> types in C code. OTOH, you should compile most real-world C code with
> -fwrapv anyway. See my security advisory on incorrect overflow
> checking in C; this is a rather widespread issue, even in new code.
No, they should be using -ftrapv instead, which traps on overflow, and then
make sure they are not trapping when testing.
Thanks,
Andrew Pinski
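
Added example, not part of the original message or of GCC's sources: the kind of overflow check the thread says can be optimized away, next to two forms that never execute an overflowing addition and so behave the same with -fwrapv, -ftrapv or neither. The function names are illustrative, and `__builtin_add_overflow` is a GCC/Clang builtin that postdates this thread.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Illustrative names; constructed for this example. */

/* Post-hoc check: the addition runs first, so a signed overflow is already
 * undefined behaviour when the comparison is evaluated. Without -fwrapv the
 * compiler may assume a + b cannot overflow and drop the test; with -ftrapv
 * the addition itself traps before the test is reached. Assumes b >= 0. */
bool add_posthoc(int a, int b, int *out)
{
    int sum = a + b;
    if (sum < a)
        return false;
    *out = sum;
    return true;
}

/* Precondition check: compares against INT_MAX / INT_MIN before adding, so
 * no overflowing operation is ever executed and nothing can be folded away. */
bool add_checked(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Same contract using the compiler builtin (GCC 5+ / Clang). */
bool add_builtin(int a, int b, int *out)
{
    return !__builtin_add_overflow(a, b, out);
}

int main(void)
{
    int r = 0;
    printf("checked INT_MAX+1: %s\n", add_checked(INT_MAX, 1, &r) ? "ok" : "overflow");
    printf("builtin INT_MAX+1: %s\n", add_builtin(INT_MAX, 1, &r) ? "ok" : "overflow");
    printf("checked 40+2:      %s (%d)\n", add_checked(40, 2, &r) ? "ok" : "overflow", r);
    return 0;
}
```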