[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: checking against signed integer overflow
From: |
Bruno Haible |
Subject: |
Re: checking against signed integer overflow |
Date: |
Sat, 05 Dec 2020 22:42:03 +0100 |
User-agent: |
KMail/5.1.3 (Linux/4.4.0-193-generic; KDE/5.18.0; x86_64; ; ) |
Paul Eggert wrote:
> the safe-iop function 'mul_ok1' ... the equivalent intprops.h function
> 'mul_ok2'.
>
> #include <safe_iop.h>
> #include <intprops.h>
>
> _Bool
> mul_ok1 (long int a, long int b)
> {
> long c;
> return safe_mul (&c, a, b);
> }
>
> _Bool
> mul_ok2 (long int a, long int b)
> {
> long c;
> return !INT_MULTIPLY_WRAPV (a, b, &c);
> }
Oh, these are equivalent? I must admit that I have been avoiding these *_WRAPV
macros (in part) because of their deterring name.
When I'm searching for a function to do safe integer arithmetic, I would not
think at using a function with 'WRAPV' in its name, given that the gcc '-fwrapv'
option is for programs which assume an older C standard. I would, however, pay
attention to a function with 'SAFE' it its name.
How about adding a macro
#define SAFE_INT_MULTIPLY(a, b, result) \
! INT_MULTIPLY_WRAPV (a, b, result)
and documenting it as a safe way to do integer multiplication, regardless of
compiler options in effect?
The fact that when there is overflow, *result gets assigned to some value and
how this value can be defined, would be of secondary importance (a
"technicality", one might say).
Bruno
- [PATCH] intprops: update doc and mention Unisys, Paul Eggert, 2020/12/04
- Re: checking against signed integer overflow, Bruno Haible, 2020/12/05
- Re: checking against signed integer overflow, Jeffrey Walton, 2020/12/05
- Re: checking against signed integer overflow, Bruno Haible, 2020/12/05
- Re: checking against signed integer overflow, Paul Eggert, 2020/12/05
- Re: checking against signed integer overflow,
Bruno Haible <=
- Re: checking against signed integer overflow, Paul Eggert, 2020/12/05
- Re: checking against signed integer overflow, Bruno Haible, 2020/12/06
- Re: checking against signed integer overflow, Paul Eggert, 2020/12/07
- Re: checking against signed integer overflow, Bruno Haible, 2020/12/07
- Re: checking against signed integer overflow, Jeffrey Walton, 2020/12/05
- Re: checking against signed integer overflow, Paul Eggert, 2020/12/05
- Re: checking against signed integer overflow, Bruno Haible, 2020/12/05
- Re: checking against signed integer overflow, Paul Eggert, 2020/12/06
Re: checking against signed integer overflow, Paul Eggert, 2020/12/05