[clang] [lldb] [Clang] Introduce OverflowBehaviorType for fine-grained overflow control (PR #148914)
Kees Cook via cfe-commits
cfe-commits at lists.llvm.org
Wed Oct 15 14:18:55 PDT 2025
kees wrote:
> please cc me on the email thread regarding a video call. FYI, I'll be at '25 dev mtng.
>
> I think there is some confusion in this thread about how to tell the compiler about intentional data loss.
>
> The UX I like the most is something like the following:
>
> ```c
> void foo() {
> int __ob_trap a = -1;
>
> u16 b = a; // trap, semantics we just agreed upon. implicit casts are sketchy
>
> u16 c = (u16)a; // no trap, inform compiler about our intent explicitly, Rust equivalent 'a as u16'
>
> u16 d = (u16 __ob_wrap)a; // no trap, inform compiler about our intent explcitly
>
> u16 e = (u16 __ob_trap)a; // trap, Rust equivalent: 'a.try_into().unwrap()'
> }
> ```
>
> My understanding is that @kees would prefer if the `d` example was the _only_ way to inform the compiler about intentional data loss and the `c` example wouldn't be enough (i.e., should trap too). Am I right kees?
Right, I think `c` is what is already happening with `b`: a cast to `u16` tells us nothing about the desired OB. We need to say `u16 __ob_trap` ("I want to trap") or `u16 __ob_wrap` ("I want wrap-around on overflow").
https://github.com/llvm/llvm-project/pull/148914
More information about the cfe-commits
mailing list