[cfe-dev] Integer overflow checking
David Chisnall
theraven at sucs.org
Sun May 17 03:19:07 PDT 2009
On 17 May 2009, at 00:17, Martin Doucha wrote:
> Perhaps I should clarify. The goal of my thesis is to detect and report
> newbie mistakes. That includes unsigned overflow because although it's
> well defined, it's almost certainly a mistake in newbie code. What
> language standard says about the behavior is one thing. Whether or not
> it's considered a bug in actual code is quite another. Anyway, you're
> free to do anything you wish with that patch.
I'd like to add that there is currently a proposal before WG14 from
the secure coding group to make it possible to trap[1] on both signed
and unsigned overflow. Even though a signed overflow is well defined,
a huge body of existing code does the wrong thing in the presence of
overflow and making code .
The original -ftrapu patch that was reverted was almost expressive
enough to implement all of the current proposals in the library (the
flag was/is too coarse-grained, but the stuff in CodeGen was usable).
The new patch provides a less-useful trap function.
David
[1] C1x has a proposed callback mechanism for things like this, a bit
like a subset of Lisp resumable exceptions handling (without stack
unwinding).
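An added illustration of the checks the message is about, written for this archive page; it is not code from the thread, from the WG14 proposal, or from clang's -ftrapu/-ftrapv work. It shows how signed and unsigned overflow have to be detected differently in portable C (signed: test the bounds before the operation, since the overflowing result itself is undefined; unsigned: wrapping is defined, so the result can be tested afterwards), and routes each detected overflow to a caller-supplied handler that stands in for whatever trap mechanism a compiler or library would use. The names checked_add_int, checked_add_uint, checked_mul_i32, overflow_handler and count_overflow are this example's own, as is the choice to count and report rather than abort.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Example-only handler type: what to do when an overflow is detected.
 * This is an assumption for illustration, not the C1x callback design
 * referenced in the message above. */
typedef void (*overflow_handler)(const char *op);

static unsigned long long overflow_count;

/* Example handler: records and reports the event instead of aborting. */
static void count_overflow(const char *op) {
    overflow_count++;
    fprintf(stderr, "overflow detected in %s\n", op);
}

/* Signed addition. The result of an overflowing signed add is undefined,
 * so the check must be done on the operands, before computing a + b. */
bool checked_add_int(int a, int b, int *out, overflow_handler on_overflow) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) {
        if (on_overflow) on_overflow("signed add");
        return false;
    }
    *out = a + b;
    return true;
}

/* Unsigned addition. Wraparound is well defined (modulo UINT_MAX + 1),
 * so the sum can be computed first and tested after; the wrap is still
 * almost never what the programmer intended. */
bool checked_add_uint(unsigned a, unsigned b, unsigned *out, overflow_handler on_overflow) {
    unsigned sum = a + b;
    if (sum < a) {                 /* wrapped: sum is smaller than an operand */
        if (on_overflow) on_overflow("unsigned add");
        return false;
    }
    *out = sum;
    return true;
}

/* Signed 32-bit multiplication, checked by widening to 64 bits, which
 * cannot overflow for two int32_t operands. */
bool checked_mul_i32(int32_t a, int32_t b, int32_t *out, overflow_handler on_overflow) {
    int64_t wide = (int64_t)a * (int64_t)b;
    if (wide > INT32_MAX || wide < INT32_MIN) {
        if (on_overflow) on_overflow("signed mul");
        return false;
    }
    *out = (int32_t)wide;
    return true;
}

int main(void) {
    int s;
    unsigned u;
    int32_t m;

    /* Constructed inputs: each line below is chosen to overflow. */
    checked_add_int(INT_MAX, 1, &s, count_overflow);
    checked_add_uint(UINT_MAX, 1u, &u, count_overflow);
    checked_mul_i32(INT32_MIN, -1, &m, count_overflow);

    /* And one that does not. */
    if (checked_add_int(40, 2, &s, count_overflow))
        printf("40 + 2 = %d\n", s);

    printf("%llu overflows detected\n", overflow_count);
    return 0;
}
```

The signed helpers never evaluate the overflowing expression, which matters under optimisation: a compiler is entitled to assume signed arithmetic does not overflow and may delete an after-the-fact `sum < a` test on an int, so that idiom is only valid for unsigned types.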