> On Sep 15, 2023, at 3:43 AM, Xi Ruoyao <xry...@xry111.site> wrote: > > On Thu, 2023-09-14 at 21:41 +0000, Qing Zhao wrote: >>>> CLANG already provided -fsanitize=unsigned-integer-overflow. GCC >>>> might need to do the same. >>> >>> NO. There is no such thing as unsigned integer overflow. That option >>> is badly designed and the GCC community has rejected a few times now >>> having that sanitizer before. It is bad form to have a sanitizer for >>> well defined code. >> >> Even though unsigned integer overflow is well defined, it might be >> unintentional, shall we warn user about this? > > *Everything* could be unintentional and should be warned then. GCC is a > compiler, not an advanced AI educating the programmers.
Well, you are right in some sense. -:) However, overflow is one important source for security flaws, it’s important for compilers to detect overflows in the programs in general. Qing > > -- > Xi Ruoyao <xry...@xry111.site> > School of Aerospace Science and Technology, Xidian University
