On Fri, Sep 15, 2023 at 8:12 AM Qing Zhao <qing.z...@oracle.com> wrote:
>
> > On Sep 15, 2023, at 3:43 AM, Xi Ruoyao <xry...@xry111.site> wrote:
> >
> > On Thu, 2023-09-14 at 21:41 +0000, Qing Zhao wrote:
> >>>> CLANG already provided -fsanitize=unsigned-integer-overflow. GCC
> >>>> might need to do the same.
> >>>
> >>> NO. There is no such thing as unsigned integer overflow. That option
> >>> is badly designed and the GCC community has rejected a few times now
> >>> having that sanitizer before. It is bad form to have a sanitizer for
> >>> well defined code.
> >>
> >> Even though unsigned integer overflow is well defined, it might be
> >> unintentional, shall we warn user about this?
> >
> > *Everything* could be unintentional and should be warned then. GCC is a
> > compiler, not an advanced AI educating the programmers.
>
> Well, you are right in some sense. -:)
>
> However, overflow is one important source for security flaws, it’s important
> for compilers to detect
> overflows in the programs in general.

Except it is NOT an overflow. Rather it is wrapping. That is a big point here.
unsigned wraps and does NOT overflow. Yes there is a major difference.

>
> Qing
> >
> > --
> > Xi Ruoyao <xry...@xry111.site>
> > School of Aerospace Science and Technology, Xidian University
>
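The wrapping behaviour debated in this thread, as an added example that is not part of any message above: unsigned arithmetic is defined to reduce modulo 2^N, so code that needs to catch an unintended wrap has to check for it explicitly. The function names and input values are constructed for illustration; `__builtin_mul_overflow` and `__builtin_add_overflow` are the GCC and Clang builtins.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Plain unsigned arithmetic: defined by the C standard to wrap modulo 2^N,
 * so no undefined behaviour occurs and the result is silently reduced. */
static uint32_t record_bytes_wrapping(uint32_t count, uint32_t elem_size,
                                      uint32_t header)
{
    return count * elem_size + header;
}

/* Checked variant: the builtins return true when the mathematical result
 * does not fit in the destination, which lets the caller reject the input. */
static bool record_bytes_checked(uint32_t count, uint32_t elem_size,
                                 uint32_t header, uint32_t *out)
{
    uint32_t body;
    if (__builtin_mul_overflow(count, elem_size, &body))
        return false;               /* count * elem_size wrapped */
    if (__builtin_add_overflow(body, header, out))
        return false;               /* body + header wrapped */
    return true;
}

int main(void)
{
    /* Constructed inputs: 0x10000001 * 16 = 0x100000010, which wraps to 0x10. */
    uint32_t count = 0x10000001u, elem = 16u, hdr = 8u, size = 0;

    printf("wrapping: %u bytes\n", record_bytes_wrapping(count, elem, hdr));
    if (!record_bytes_checked(count, elem, hdr, &size))
        printf("checked:  rejected, result does not fit in 32 bits\n");
    if (record_bytes_checked(100u, elem, hdr, &size))
        printf("checked:  %u bytes\n", size);
    return 0;
}
```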