This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: Ada front-end depends on signed overflow
- From: Paul Schlie <schlie at comcast dot net>
- To: Andrew Pinski <pinskia at physics dot uc dot edu>,Florian Weimer <fw at deneb dot enyo dot de>
- Cc: GCC List <gcc at gcc dot gnu dot org>,<bosch at gnat dot com>
- Date: Fri, 03 Jun 2005 11:34:52 -0400
- Subject: Re: Ada front-end depends on signed overflow
> From: Andrew Pinski <pinskia@physics.uc.edu>
>>>> (Without -fwrapv, integer overflow is undefined, and subsequent range
>>>> checks can be optimized away, so that it might cause erroneous
>>>> behavior.)
>>>
>>> - Since for all practical purposes most (if not all) target's use
>>> 2's complement integer representations which naturally "wrap", might
>>> it be simply best to presume that all do "wrap" by default, but allow
>>> -fnowrapv to disable it if ever required by the odd target/language?
>>
>> Enabling -fwrapv disables quite a few optimizations on signed integer
>> types in C code. OTOH, you should compile most real-world C code with
>> -fwrapv anyway. See my security advisory on incorrect overflow
>> checking in C; this is a rather widespread issue, even in new code.
>
> No they should be using -ftrapv instead which traps on overflow and then
> make sure they are not trapping when testing.
- why? what language or who's code/target ever expects such a behavior?