> 
> * Paul Schlie:
> 
> >> (Without -fwrapv, integer overflow is undefined, and subsequent range
> >> checks can be optimized away, so that it might cause erroneous
> >> behavior.)
> >
> > - Since for all practical purposes most (if not all) target's use
> >   2's complement integer representations which naturally "wrap", might
> >   it be simply best to presume that all do "wrap" by default, but allow
> >   -fnowrapv to disable it if ever required by the odd target/language?
> 
> Enabling -fwrapv disables quite a few optimizations on signed integer
> types in C code.  OTOH, you should compile most real-world C code with
> -fwrapv anyway.  See my security advisory on incorrect overflow
> checking in C; this is a rather widespread issue, even in new code.

No they should be using -ftrapv instead which traps on overflow and then
make sure they are not trapping when testing.

Thanks,
Andrew Pinski

Reply via email to