[cfe-dev] [RFC] Introduce overflow builtins

Xi Wang xi.wang at gmail.com
Sun Apr 1 21:10:36 PDT 2012


On Apr 1, 2012, at 11:34 PM, Dave Zarzycki wrote:
> I wouldn't worry about that. Making the above overflow intrinsics explicitly signed or unsigned will not magically make a developer care about sign conversion or size conversion problems.
> 
> However, making the intrinsics explicitly signed will make the intrinsics more inconvenient to use for developers that know what they're doing. Also, making the intrinsics explicitly signed will force developers to change all of their uses of these intrinsics every time they change the sign of a variable. Both of these problems are avoidable by having the intrinsics do the right thing and infer the sign of the operation based on T*.

Sounds good.  I will give it a shot. ;-)

> The patch does not validate that the correct intrinsic is used. For example:
> 
> /tmp/llvm/b $ cat of.c
> int example(int x, int y, int z);
> int example(int x, int y, int z) {
> 	if (__builtin_uadd_with_overflow(&x, y, z)) __builtin_trap();
> 	return x;
> }
> 
> /tmp/llvm/b $ ./Debug+Asserts/bin/clang -Weverything -Os -c of.c
> /tmp/llvm/b $ echo $?
> 0
> /tmp/llvm/b $

Oops, you are right.  But once we have __builtin_add_with_overflow that infers the sign, __builtin_add_with_overflow(&x, y, z) then means signed addition overflow --- seems that we don't need this validation anymore?

- xi
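
Added example, not part of the original message or the RFC patch: the signed/unsigned mismatch from of.c, reproduced with the builtins that current GCC and Clang provide (`__builtin_uadd_overflow` and the type-generic `__builtin_add_overflow`) rather than the names proposed in this thread. The helper names and sample operands are constructed for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Mismatched check, as in of.c: signed operands pushed through an
 * unsigned-only builtin. Returns what the builtin reports as overflow. */
static bool add_checked_unsigned_builtin(int y, int z, int *out)
{
    unsigned int sum;
    bool of = __builtin_uadd_overflow((unsigned int)y, (unsigned int)z, &sum);
    *out = (int)sum; /* implementation-defined conversion; wraps on GCC/Clang */
    return of;
}

/* Sign-inferring check: the builtin decides overflow from the type that
 * the result pointer refers to, here a signed int. */
static bool add_checked_generic(int y, int z, int *out)
{
    return __builtin_add_overflow(y, z, out);
}

int main(void)
{
    /* Constructed operand pairs: one signed overflow, one harmless sum. */
    const int cases[][2] = { { INT_MAX, 1 }, { -1, 1 }, { 2, 3 } };
    const size_t n = sizeof cases / sizeof cases[0];

    for (size_t i = 0; i < n; i++) {
        int r_u, r_g;
        bool of_u = add_checked_unsigned_builtin(cases[i][0], cases[i][1], &r_u);
        bool of_g = add_checked_generic(cases[i][0], cases[i][1], &r_g);
        printf("%11d + %d: unsigned builtin overflow=%d, generic overflow=%d\n",
               cases[i][0], cases[i][1], of_u, of_g);
    }
    return 0;
}
```

With signed operands the unsigned builtin both misses a real signed overflow (`INT_MAX + 1`) and reports a spurious one (`-1 + 1`), so a guard built on it can let a wrapped value through or trap on valid input.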




