> * Andrew Pinski:
>
> > A simple loop like:
> >
> > int foo ()
> > {
> >   int a[N];
> >   int i;
> >   int n;
> >
> >   for (i = 0; i <= n; i++)
> >     ca[i] = 2;
> > }
> >
> > we cannot find how many iterations it runs without knowing that signed
> > types overflow.
>
> In this case, the assumption is not needed because the lack of
> overflow can be inferred from the validity of the expression ca[i] for
> all relevant i. However, in the general case, such information might
> not be available. I wonder if it is feasible to duplicate the loop
> code, once for positive n, and once for negative, or if this would
> lead to too much code bloat in real-world applications.
>
Exactly this transformation was proposed here:
http://gcc.gnu.org/ml/gcc-patches/2006-12/msg00695.html

dorit

> By the way, as I've tried to describe here:
> <http://cert.uni-stuttgart.de/advisories/c-integer-overflow.php>
> variable range tracking can result in reintroduction of
> supposedly-fixed security vulnerabilities. 8-(
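The point under discussion, written out as an added example (this is not code from the thread, from GCC, or from the linked patch): the trip count of `for (i = 0; i <= n; i++)` is `n + 1` for `n >= 0` and zero for `n < 0`, but `n + 1` does not fit in an `int` when `n == INT_MAX`, which is why a compiler needs the no-signed-overflow assumption before it can express the count as an `int`. The `fill_versioned` function below is a hand-written form of the loop duplication the thread proposes (one copy for negative `n`, one for non-negative `n`), with the count computed in a wider type so it never wraps. The buffer, its capacity of 8 and the clamp to that capacity are constructed for this example.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Trip count of `for (i = 0; i <= n; i++)` computed without relying on
 * signed wraparound.  For n < 0 the body never runs; for n >= 0 it runs
 * n + 1 times.  The count is returned in a wider type because n + 1 does
 * not fit in an int when n == INT_MAX, which is exactly the case a
 * compiler must rule out (by assuming signed arithmetic never overflows)
 * before it can hold the trip count in an int. */
unsigned long long trip_count(int n)
{
    if (n < 0)
        return 0;
    return (unsigned long long)n + 1ULL;
}

/* Would the naive int expression n + 1 hold the trip count without
 * overflowing?  Only when n < INT_MAX. */
int naive_count_fits(int n)
{
    return n < INT_MAX;
}

/* Loop versioning as discussed in the thread: one copy of the loop for
 * n < 0 (zero iterations) and one for n >= 0 with the trip count known
 * up front.  Fills a[0..n] with 2, clamped to the buffer capacity so the
 * example stays memory-safe for any n, and returns the number of stores. */
size_t fill_versioned(int *a, size_t cap, int n)
{
    if (n < 0)
        return 0;                                   /* negative version */
    unsigned long long count = trip_count(n);       /* cannot wrap */
    if (count > cap)
        count = cap;                                /* constructed bound */
    for (unsigned long long i = 0; i < count; i++)  /* non-negative version */
        a[i] = 2;
    return (size_t)count;
}

/* Convenience wrapper over a constructed buffer of capacity 8. */
size_t demo_fill(int n)
{
    int buf[8] = {0};
    return fill_versioned(buf, 8, n);
}

int main(void)
{
    printf("n=-5      stores=%zu\n", demo_fill(-5));
    printf("n=3       stores=%zu\n", demo_fill(3));
    printf("n=100     stores=%zu (clamped to capacity)\n", demo_fill(100));
    printf("n=INT_MAX trip count=%llu, fits in int? %d\n",
           trip_count(INT_MAX), naive_count_fits(INT_MAX));
    return 0;
}
```

The `n == INT_MAX` case is the one that matters: without the no-overflow assumption the loop has no `int`-representable trip count at all, and a compiler that keeps `i` in an `int` cannot prove the loop terminates. Versioning sidesteps the question for negative `n` entirely and leaves only the non-negative copy to analyse.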