Re: checked integer arithmetic
From: Bruno Haible
Subject: Re: checked integer arithmetic
Date: Wed, 14 Dec 2016 23:56:28 +0100
User-agent: KMail/4.8.5 (Linux/3.8.0-44-generic; KDE/4.8.5; x86_64; ; )
Hi Paul,
Possibly dumb questions, but:
> over time I am
> becoming more inclined to like the Emacs model, where object counts are
> typically kept as nonnegative but signed integers. This approach makes C
> code a bit more reliable, as compiling with -fsanitize=undefined is more
> likely to catch integer overflow errors in index calculations (a real
> problem nowadays).
Are you saying that -fsanitize=undefined or -fsanitize=signed-integer-overflow
(or -ftrapv, when using an older GCC) can detect integer overflow for signed
integers, whereas no such option exists and won't exist for unsigned integers
(because there are so many pieces of code that intentionally do a mod-2^32
or mod-2^64 computation on unsigned integers)?
And what about the gnulib 'xsize' module for checked size_t computations?
Bruno
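
The contrast raised in the message above, as an added example that is not part of the original e-mail and is not gnulib code: an unsigned size computation that wraps silently, a signed one checked explicitly, and a saturating size_t helper. The function names are hypothetical, the inputs are constructed, and `__builtin_mul_overflow` / `__builtin_add_overflow` are the GCC/Clang builtins.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unsigned count * element size: wraps modulo 2^N. This is defined
   behaviour in C, so a signed-overflow sanitizer has nothing to report. */
static size_t bytes_unsigned(size_t n, size_t elsize)
{
    return n * elsize;
}

/* Nonnegative signed count * element size, checked explicitly. Written as a
   plain `n * elsize`, an overflow here would be undefined behaviour, which
   is what -fsanitize=signed-integer-overflow reports at run time. */
static bool bytes_signed(ptrdiff_t n, ptrdiff_t elsize, ptrdiff_t *out)
{
    if (n < 0 || elsize < 0)
        return false;               /* counts are kept nonnegative */
    return !__builtin_mul_overflow(n, elsize, out);
}

/* Hypothetical saturating helpers for size_t: SIZE_MAX marks "overflowed",
   and the mark survives further arithmetic, so one final check suffices. */
static size_t sat_mul(size_t a, size_t b)
{
    size_t r;
    return __builtin_mul_overflow(a, b, &r) ? SIZE_MAX : r;
}

static size_t sat_add(size_t a, size_t b)
{
    size_t r;
    return __builtin_add_overflow(a, b, &r) ? SIZE_MAX : r;
}

int main(void)
{
    size_t n = SIZE_MAX / 8 + 2;    /* constructed oversized element count */
    ptrdiff_t total = 0;

    printf("unsigned product wraps to: %zu\n", bytes_unsigned(n, 8));
    printf("signed check accepts it:   %d\n",
           bytes_signed(PTRDIFF_MAX / 8 + 2, 8, &total));
    printf("saturated size rejected:   %d\n",
           sat_add(sat_mul(n, 8), 16) == SIZE_MAX);
    return 0;
}
```

An allocator fed the wrapped unsigned product would be asked for 8 bytes for a table of more than SIZE_MAX / 8 elements; the checked and saturating forms both make that request fail instead.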