On 04/03/2018 11:45 PM, Bruno Haible wrote:
> Eric Blake wrote:
>> What are the clang developers using as their justification
>> for this warning?
>
> Quoting the clang documentation [1]:
>
> "-fsanitize=unsigned-integer-overflow:
> Unsigned integer overflows. Note that unlike signed integer overflow,
> unsigned integer is not undefined behavior. However, while it has
> well-defined semantics, it is often unintentional, so UBSan offers to
> catch it."
>
> Bruno
>
> [1] https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html

Thanks for looking into it.

To squeeze out as many potential bugs as possible from my applications, I turn all sanitizer options on. Then I reduce false positives by tagging the code parts / functions. A bit like deduction.

The bad thing with clang is that I can't tag the calling function (in my application) but have to set the attribute for the function that triggers (in gnulib).

Gnulib is made to serve app/lib developers. And reducing false positives would be of great help to reduce time spent on securing code that uses gnulib. But I understand if you decline that on gnulib's side - you would possibly open a can of worms.

Regards, Tim
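The tagging discussed in this message, as an added example that is not part of the original mail and is not gnulib code: clang's `no_sanitize("unsigned-integer-overflow")` attribute sits on the function where the wraparound happens, while application arithmetic that must not wrap is checked explicitly. The names `ALLOW_UNSIGNED_WRAP`, `lib_hash` and `app_total_size` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical macro: the attribute is clang-specific, so it expands to
   nothing elsewhere. */
#if defined(__clang__)
# define ALLOW_UNSIGNED_WRAP \
    __attribute__((no_sanitize("unsigned-integer-overflow")))
#else
# define ALLOW_UNSIGNED_WRAP
#endif

/* Stand-in for a library function whose wraparound is intentional
   (FNV-1a 32-bit hash). The attribute must be placed here, on the
   function that triggers the report, not on its callers. */
ALLOW_UNSIGNED_WRAP
static uint32_t lib_hash(const char *s)
{
    uint32_t h = 2166136261u;            /* FNV offset basis */
    for (; *s; s++) {
        h ^= (unsigned char)*s;
        h *= 16777619u;                  /* wraps modulo 2^32 by design */
    }
    return h;
}

/* Application-side size computation: a wrap here would be a real bug,
   so it is detected instead of suppressed. Returns 0 on success and
   -1 if count * elem does not fit in size_t. */
static int app_total_size(size_t count, size_t elem, size_t *out)
{
    return __builtin_mul_overflow(count, elem, out) ? -1 : 0;
}

int main(void)
{
    size_t n;
    printf("hash(\"a\") = 0x%08x\n", (unsigned)lib_hash("a"));
    printf("4 * 8      -> %d\n", app_total_size(4, 8, &n));
    printf("SIZE_MAX*2 -> %d\n", app_total_size(SIZE_MAX, 2, &n));
    return 0;
}
```

Built with `clang -fsanitize=unsigned-integer-overflow`, the multiplication in `lib_hash` is not reported, while unannotated code in the same translation unit remains instrumented.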