Security professionals who cannot write a correct integer overflow / pointer overflow check remind me of arsonist firefighters.
-
-
btw LLVM and GCC both already emit pretty good code for thispic.twitter.com/44LMxlYX1D
-
That's a buggy test; it assumes long is twice as wide as int.
-
Even if you fix that detail using right types, it assumes _existence_ of a double-width type...
-
..which is false for size_t on a 64-bit system.
-
Even with existence, it's buggy. It should be `unsigned long`.
-
As written g(-1,-1) does signed overflow if long is 64b and unsigned is 32b.
-
yeah yeah yeah
-
I love this thread, it really captures C programming accurately.
- 1 more reply
New conversation -
-
-
Also after div->mul opt, compiler should cse with a subsequent mul.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
this is the missing LLVM optimization; I'll submit after writing testspic.twitter.com/LlHsjAMFCA
-
alas LLVM can't yet CSE across a multiply and a umul.with.overflow intrinsic
End of conversation
New conversation -
-
-
needs to be fixed in backend, someone else will have to do it https://llvm.org/bugs/show_bug.cgi?id=27794 …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I'll look into it
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.