bug-gnulib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: checking against signed integer overflow

From: Paul Eggert
Subject: Re: checking against signed integer overflow
Date: Sat, 5 Dec 2020 12:11:50 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 
On 12/5/20 10:07 AM, Bruno Haible wrote:

Jeffrey Walton wrote:

For the C language, safe_iop is available.


Gnulib's INT_*_WRAPV macros are similar. [1]
Similar, but more portable, as safe-iop requires things like ({...}) and typeof that the Gnulib macros don't assume.
Also, safe-iop generates considerably worse code. For example, on Fedora x86-64 with gcc -O2 the following program generates 33 instructions (with several conditional branches) for the safe-iop function 'mul_ok1' while generating only 3 instructions (branch-free) for the equivalent intprops.h function 'mul_ok2'. 

#include <safe_iop.h>
#include <intprops.h>

_Bool
mul_ok1 (long int a, long int b)
{
  long c;
  return safe_mul (&c, a, b);
}

_Bool
mul_ok2 (long int a, long int b)
{
  long c;
  return !INT_MULTIPLY_WRAPV (a, b, &c);
}
reply via email to
[Prev in Thread] Current Thread [Next in Thread]