This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: Request to merge Undefined Behavior Sanitizer in
- From: "Joseph S. Myers" <joseph at codesourcery dot com>
- To: Marek Polacek <polacek at redhat dot com>
- Cc: GCC Patches <gcc-patches at gcc dot gnu dot org>, Jakub Jelinek <jakub at redhat dot com>, Jeff Law <law at redhat dot com>, Jason Merrill <jason at redhat dot com>
- Date: Thu, 25 Jul 2013 22:43:30 +0000
- Subject: Re: Request to merge Undefined Behavior Sanitizer in
- References: <20130725153227 dot GC32538 at redhat dot com> <20130725153500 dot GD32538 at redhat dot com>
On Thu, 25 Jul 2013, Marek Polacek wrote:
> +@item -fsanitize=undefined
> +Enable UndefinedBehaviorSanitizer, a fast undefined behavior detector
> +Various computations will be instrumented to detect
> +undefined behavior, e.g.@: division by zero or various overflows.
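Review bot: the entry's first sentence is left unterminated ("a fast undefined behavior detector" runs straight into "Various computations"), so add the missing full stop; and since the reply below notes that no signed-overflow checks exist yet, "various overflows" overstates what the option currently does, so name the checks actually instrumented (division by zero, and whatever else the patch implements) rather than leaving the list open-ended.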
The same issue applies as for bounds-checking options - please give
sufficient information in the documentation for a user to be able to judge
the trade-offs between this and -ftrapv (for example).
It should also be clear how this interacts with -fwrapv. I'd say that
-fwrapv makes the semantics of overflow in signed-integer arithmetic no
longer undefined (of course division by zero is still undefined) and so
should mean such overflows aren't warned for. Now, you don't currently
have any checks this would affect (given that INT_MIN / -1 and INT_MIN %
-1 don't currently work reliably with -fwrapv anyway), but the intention
should be clear for when overflow checks are added.
--
Joseph S. Myers
joseph@codesourcery.com
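As an added illustration of the cases discussed above (example code, not from the thread or from GCC itself): hand-written equivalents of the runtime checks that -fsanitize=undefined inserts around integer division and signed arithmetic, plus a predicate encoding which of those -fwrapv turns into defined wrapping. The enum and function names are assumptions made for this example.

```c
/* Added example, not code from the thread: the checks -fsanitize=undefined
   inserts around integer division and signed arithmetic, written by hand.
   Each check decides BEFORE the operation whether it would be undefined,
   so the checker itself never performs the undefined operation. */
#include <limits.h>
#include <stdbool.h>

typedef enum {
    UB_NONE = 0,
    UB_DIV_BY_ZERO,     /* x / 0, x % 0: undefined regardless of -fwrapv */
    UB_DIV_OVERFLOW,    /* INT_MIN / -1, INT_MIN % -1: result not representable */
    UB_SIGNED_OVERFLOW  /* +, -, * leaving the int range: wraps only with -fwrapv */
} ub_kind;

/* Division and remainder share the same two failure cases. */
ub_kind check_div(int a, int b)
{
    if (b == 0) return UB_DIV_BY_ZERO;
    if (a == INT_MIN && b == -1) return UB_DIV_OVERFLOW;
    return UB_NONE;
}

/* Addition overflows iff the exact sum would leave [INT_MIN, INT_MAX]. */
ub_kind check_add(int a, int b)
{
    if (b > 0 && a > INT_MAX - b) return UB_SIGNED_OVERFLOW;
    if (b < 0 && a < INT_MIN - b) return UB_SIGNED_OVERFLOW;
    return UB_NONE;
}

/* Multiplication by sign case.  The divisions below never pair an INT_MIN
   dividend with a -1 divisor, so the check does not trip over INT_MIN / -1. */
ub_kind check_mul(int a, int b)
{
    if (a == 0 || b == 0) return UB_NONE;
    if (a > 0 && b > 0 && a > INT_MAX / b) return UB_SIGNED_OVERFLOW;
    if (a > 0 && b < 0 && b < INT_MIN / a) return UB_SIGNED_OVERFLOW;
    if (a < 0 && b > 0 && a < INT_MIN / b) return UB_SIGNED_OVERFLOW;
    if (a < 0 && b < 0 && a < INT_MAX / b) return UB_SIGNED_OVERFLOW;
    return UB_NONE;
}

/* The reply's point: -fwrapv makes signed +, -, * wrap, but leaves division
   by zero undefined, and INT_MIN / -1 and INT_MIN % -1 are noted as not
   working reliably with -fwrapv either, so only plain overflow is "defined". */
bool wraps_under_fwrapv(ub_kind k)
{
    return k == UB_NONE || k == UB_SIGNED_OVERFLOW;
}
```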