[Cryptography] Ada vs Rust vs safer C

Florian Weimer fw at deneb.enyo.de
Sun Sep 18 03:45:37 EDT 2016

* Ron Garret:

> You are right, however, that this is indeed undefined behavior,
> although I think you’d be hard pressed to find a compiler that
> actually took advantage of that fact to do anything other than do the
> math mod 2^n for some appropriate value of n.

Not really, GCC is such a compiler.  It started with loop optimization
(where there is some value in knowing that a loop must execute at
least once), and now extends somewhat beyond that.  It is still not
very aggressive, but it already can optimize away incorrectly written
overflow checks.

Clang is similar in this regard.  The frontend produces LLVM IR with
markup so that signed overflow is deemed undefined to the LLVM

More information about the cryptography mailing list