Kris Jurka <books@ejurka.com> writes:
> Gcc 4.3 has started to perform optimizations based on the denial of the
> existence of signed overflow.
> ...
> I don't understand the difference between -fwrapv and
> -fno-strict-aliasing, but it seems we need at least one of them.
I don't see -fno-strict-overflow listed at all in the manual for gcc 4.1.
So I think we should go for -fwrapv, which is defined thus:
`-fwrapv' This option instructs the compiler to assume that signed arithmetic overflow of addition, subtraction
and multiplication wraps around using twos-complement representation. This flag enables some optimizations and
disables others. This option is enabled by default for the Java front-end, as required by the Java language
specification.
and so doesn't sound nearly as bad as Jakub painted it ;-). If we use
the other, we are assuming that there are no problems in 4.1, which
feels to me like a dangerous assumption. 4.1 *did* break mysql,
remember; and we have no regression tests checking most of these
security-related overflow tests, so we have no direct proof that we
are not broken.
regards, tom lane
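
An added illustration, not part of the original message and not PostgreSQL's code: an after-the-fact signed overflow test that only works if addition wraps (so it needs -fwrapv), beside a pre-check that never evaluates an overflowing expression. The function names `add_wrap_check` and `add_checked` are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Post-hoc test: inspects the sign of the result after adding.
 * Signed overflow is undefined in ISO C, so without -fwrapv the compiler
 * may assume r cannot have the "wrong" sign and delete both branches. */
bool add_wrap_check(int a, int b, int *sum)
{
    int r = a + b;                      /* defined on overflow only with -fwrapv */
    if (a > 0 && b > 0 && r < 0)
        return false;
    if (a < 0 && b < 0 && r >= 0)
        return false;
    *sum = r;
    return true;
}

/* Pre-check: compares against the limits before adding, so the result
 * is the same with or without -fwrapv and at any optimization level. */
bool add_checked(int a, int b, int *sum)
{
    if (b > 0 && a > INT_MAX - b)
        return false;                   /* would exceed INT_MAX */
    if (b < 0 && a < INT_MIN - b)
        return false;                   /* would go below INT_MIN */
    *sum = a + b;
    return true;
}

int main(void)
{
    int s = 0;
    printf("pre-check  INT_MAX + 1: %s\n",
           add_checked(INT_MAX, 1, &s) ? "accepted" : "overflow detected");
    /* Outcome of the next call depends on compiler version and flags. */
    printf("wrap check INT_MAX + 1: %s\n",
           add_wrap_check(INT_MAX, 1, &s) ? "accepted (test lost)" : "overflow detected");
    return 0;
}
```

Building this at -O2 once with and once without -fwrapv and comparing the second line of output shows whether a given compiler keeps the wrap-dependent test.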