This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: GCC optimizes integer overflow: bug or feature?
- From: Denis Vlasenko <vda dot linux at googlemail dot com>
- To: gcc at gcc dot gnu dot org
- Cc: Paolo Bonzini <bonzini at gnu dot org>, bug-gnulib at gnu dot org
- Date: Tue, 19 Dec 2006 19:48:36 +0100
- Subject: Re: GCC optimizes integer overflow: bug or feature?
- References: <20061218230847.GD3824@iam.uni-bonn.de> <877iwo6vbw.fsf@mid.deneb.enyo.de> <4587C0EE.7050909@gnu.org>
On Tuesday 19 December 2006 11:37, Paolo Bonzini wrote:
>
> > By the way, as I've tried to describe here:
> > <http://cert.uni-stuttgart.de/advisories/c-integer-overflow.php>
> > variable range tracking can result in reintroduction of
> > supposedly-fixed security vulnerabilities. 8-(
>
> Interesting read. I agree with the proposed fix; however, note that GCC
> does not make the result of overflowing signed left-shifts undefined,
> exactly because in this case the overflow is relied upon by too many
> existing programs (and also because left shifts are inherently a bitwise
> operation, with well defined overflowing behavior on the most
> significant bits).
I wrote this just a few days ago:
do {
int32_t v1 = v << 1;
if (v < 0) v1 ^= mask;
v = v1;
printf("%10u: %08x\n", c++, v);
} while (v != 1);
I would become rather sad if this will stop compiling correctly.
--
vda