[Cryptography] Ada vs Rust vs safer C

John Gilmore gnu at toad.com
Sat Sep 17 17:46:37 EDT 2016


> 1.  Simply warning about all detected undefined behavior (instead of silently emitting stupid code) would be a huge win.

Simply warning about all detected undefined behavior would produce so
many warnings that nobody would care to read them, and nobody could do
anything to resolve them.  See -Wstrict-overflow=5 in the gcc manual,
for example.

  int foo(int a) { return a + 1; }   /* a + 1 overflows, hence is undefined, when a == INT_MAX */

This function is undefined, because adding 1 to A might cause an
integer overflow if the value of A happens to be INT_MAX, which in
most cases cannot be detected at compile or link time.

	John
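The usual way to keep a function like foo() out of undefined territory is to test for the overflow before performing the addition, so that the check happens at run time where the compiler cannot see it. The following is an added example, not code from the message above; the names foo_checked and add_checked are assumed for illustration. foo_checked covers the exact case discussed (adding 1), and add_checked generalizes the same pre-check to any signed int pair.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Checked variant of foo(): report failure instead of computing a
 * result that the C standard leaves undefined. */
bool foo_checked(int a, int *out)
{
    if (a == INT_MAX)           /* a + 1 would overflow */
        return false;
    *out = a + 1;
    return true;
}

/* Pre-check for signed addition of arbitrary ints. The comparisons
 * themselves cannot overflow: INT_MAX - b with b > 0 and INT_MIN - b
 * with b < 0 both stay inside the int range. */
bool add_checked(int a, int b, int *out)
{
    if (b > 0 && a > INT_MAX - b)
        return false;           /* positive overflow */
    if (b < 0 && a < INT_MIN - b)
        return false;           /* negative overflow */
    *out = a + b;
    return true;
}

int main(void)
{
    int r = 0;
    if (foo_checked(41, &r))
        printf("foo_checked(41) = %d\n", r);
    if (!foo_checked(INT_MAX, &r))
        printf("foo_checked(INT_MAX): overflow refused\n");
    if (!add_checked(INT_MIN, -1, &r))
        printf("add_checked(INT_MIN, -1): overflow refused\n");
    return 0;
}
```

On GCC and Clang the same pre-check is available as the builtin `__builtin_add_overflow(a, b, &out)`, which returns nonzero when the sum does not fit; the hand-written form above is what that builtin replaces on compilers that lack it.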
