On 2018-11-24 08:26:39 -0600, Segher Boessenkool wrote:
> -fsanitize=undefined instruments undefined behaviour. This isn't undefined
> behaviour. Also, both -fsanitize=signed-integer-overflow and -ftrapv are
> documented to only do things for addition, subtraction, and multiplication
> (not conversion).
>
> If you want a warning for implementation-defined behaviour, sure, not many
> people will oppose that (it will warn all of the time, making it not very
> useful, but hey). Still, it should be a separate option.
> Implementation-defined behaviour is not undefined, after all.

It is a design flaw in GCC, which should have chosen the
"implementation-defined signal" solution, as allowed by the C standard.
This would be much more secure.

--
Vincent Lefèvre <vincent@xxxxxxxxxx> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
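The conversion case discussed in this message, as an added example that is not part of the original post or of GCC's code: an out-of-range conversion to a signed type is silently reduced modulo 2^N by GCC, so a narrowing conversion has to be range-checked explicitly. The function names and sample values are constructed for illustration, and the example assumes a 32-bit `int` and a 64-bit `long long`.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Unchecked narrowing. C11 6.3.1.3p3: when the value does not fit, the
 * result is implementation-defined or an implementation-defined signal is
 * raised. GCC documents reduction modulo 2^N with no signal, so this
 * never traps. */
int unchecked_ll_to_int(long long v)
{
    return (int)v;
}

/* Hypothetical portable helper: refuse values that do not fit, so the
 * implementation-defined path is never taken. */
bool checked_ll_to_int(long long v, int *out)
{
    if (v < INT_MIN || v > INT_MAX)
        return false;
    *out = (int)v;              /* value-preserving, fully defined */
    return true;
}

/* Same check using the GCC/Clang overflow builtin: v + 0 is computed
 * exactly and the builtin reports whether it fits in *out. On failure
 * *out holds the wrapped value and must not be used. */
bool builtin_ll_to_int(long long v, int *out)
{
    return !__builtin_add_overflow(v, 0, out);
}

int main(void)
{
    /* Constructed sample: a 64-bit length just above 2^32. */
    long long len = 4294967296LL + 16;
    int n = 0;

    printf("unchecked: %d\n", unchecked_ll_to_int(len));
    printf("checked:   %s\n", checked_ll_to_int(len, &n) ? "ok" : "rejected");
    printf("builtin:   %s\n", builtin_ll_to_int(len, &n) ? "ok" : "rejected");
    return 0;
}
```
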