@RichFelker @musllibc And it has value for non-hardened builds too, since making the code compatible with it means bugs will be found.
@CopperheadSec @cr1901 I write to the actual language, so I don't use -fwrapv. Anything needing it is a bug in my book.
-
-
@RichFelker@cr1901 It's a bad idea to depend on it while writing code but it works well as a distribution hardening switch. -
@RichFelker@cr1901 Since there's a lot of bad code using incorrect signed overflow checks that can be optimized out, etc. -
@RichFelker@cr1901 And -fwrapv really has no performance cost in the real world. It only helps on stuff like SPEC (which it breaks!). -
@RichFelker@cr1901 Better to enable -fsanitize=signed-integer-overflow if you're willing to take a performance hit... but breaks too much. -
@CopperheadSec@cr1901 Anything that it "breaks" in inducing a hard crash in could have silent runaway wrong behavior on modern compilers. -
@CopperheadSec@cr1901 I'd rather see all this software start (controlled) crashing and get fixed. :-) -
@RichFelker@cr1901 Definitely, it's just a lot of work and most projects aren't responsive to those kinds of patches.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.