[clang] [Clang] Introduce OverflowBehaviorType for fine-grained overflow control (PR #148914)
James Y Knight via cfe-commits
cfe-commits at lists.llvm.org
Tue Jul 29 09:07:06 PDT 2025
================
@@ -0,0 +1,294 @@
+=====================
+OverflowBehaviorTypes
+=====================
+
+.. contents::
+ :local:
+
+Introduction
+============
+
+Clang provides a type attribute that allows developers to have fine-grained control
+over the overflow behavior of integer types. The ``overflow_behavior``
+attribute can be used to specify how arithmetic operations on a given integer
+type should behave upon overflow. This is particularly useful for projects that
+need to balance performance and safety, allowing developers to enable or
+disable overflow checks for specific types.
+
+The attribute can be enabled using the compiler option
+``-foverflow-behavior-types``.
+
+The attribute syntax is as follows:
+
+.. code-block:: c++
+
+ __attribute__((overflow_behavior(behavior)))
+
+Where ``behavior`` can be one of the following:
+
+* ``wrap``: Specifies that arithmetic operations on the integer type should
----------------
jyknight wrote:
I'm still unclear as to what the semantics are for conversions, e.g.:
```
short x1 = (int __wrap)100000;
short __wrap x2 = (int)100000;
short __no_wrap x3 = (int)100000;
short x4 = (int __no_wrap)100000;
```
Does the _source_ type being marked wrap make x1 suppress ubsan's "implicit-signed-integer-truncation"? Or does the _destination_ type being marked wrap make x2 do so? Does x3 or x4 cause a trap?
And I hope the same answers apply for constexpr evaluation; which ones of these compile, and which are an error?
```
constexpr short x1 = {(int __wrap)100000};
constexpr short __wrap x2 = {(int)100000};
constexpr short __no_wrap x3 = {(int)100000};
constexpr short x4 = {(int __no_wrap)100000};
```
https://github.com/llvm/llvm-project/pull/148914
More information about the cfe-commits
mailing list