[cfe-dev] [RFC] Introduce overflow builtins

Xi Wang xi.wang at gmail.com
Mon Apr 2 06:27:06 PDT 2012


On Apr 2, 2012, at 2:55 AM, Dave Zarzycki wrote:
> What do you do when you want to overflow check __int128_t arithmetic? More on this topic below...

I would worry about 128-bit integer overflows when people start to use 128-bit integers as allocation sizes and array indices (or beg LLVM for llvm.*.with.overflow.i128 in that case).

> In practice? Well maybe not your code, but for many others the lack of 8-bit support makes using the __builtin_*_with_overflow() intrinsics in generic code much harder and much uglier.

It would be nice to have llvm.*.with.overflow.i8 in LLVM for completeness.

Just out of curiosity, can you point me to any CVE identifiers that are arithmetic overflows caused by (unsigned) char?  The only cases I have in mind are signedness errors, such as CVE-2009-0023 (Apache), CVE-2011-4362 (lighttpd), and a few examples in my previous patch to -Wtautological-compare the conversion of which died peacefully.

http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20120305/054534.html

> With the overflow intrinsics that you are proposing, you've solved half of the work required to write a straightforward, efficient, and somewhat portable "Big Number" library. :-)
> 
> For example, 128-bit or larger integers could have been solved in a library instead of directly in the compiler if these intrinsics were available.

That sounds interesting, though I would rather focus on integer overflows for now and leave the joy/pain of implementing bignum to the GMP folks. ;-)

- xi
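
Added example, not part of the original message or of the proposed patch: a C sketch contrasting the two char-related bug classes discussed above (a signedness error in a byte-indexed lookup versus an 8-bit arithmetic overflow), plus a checked allocation-size computation. It assumes the type-generic `__builtin_add_overflow` / `__builtin_mul_overflow` builtins that current GCC and Clang provide, not the `__builtin_*_with_overflow()` names from this thread; the function names, table size and inputs are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 256 /* constructed: size of a byte-indexed lookup table */

/* Signedness error: a byte >= 0x80 held in a signed char widens to a
 * negative index. Returns the index such code would use. */
long index_signed(signed char c) { return (long)c; }

/* Fix: convert to unsigned char before widening. */
long index_fixed(signed char c) { return (long)(unsigned char)c; }

bool index_in_bounds(long idx) { return idx >= 0 && idx < TABLE_LEN; }

/* 8-bit add: both operands promote to int, so a + b itself cannot
 * overflow; the value is lost when narrowing back to uint8_t. */
uint8_t add_u8_wrapping(uint8_t a, uint8_t b) { return (uint8_t)(a + b); }

/* Checked 8-bit add: true on success, false if the sum does not fit. */
bool add_u8_checked(uint8_t a, uint8_t b, uint8_t *out) {
    return !__builtin_add_overflow(a, b, out);
}

/* Checked allocation size: count * elem, false if it wraps size_t. */
bool alloc_size_checked(size_t count, size_t elem, size_t *out) {
    return !__builtin_mul_overflow(count, elem, out);
}

int main(void) {
    uint8_t sum = 0;
    size_t bytes = 0;
    signed char high = -128; /* constructed input: bit pattern 0x80 */

    printf("signed index %ld in bounds: %d\n", index_signed(high),
           index_in_bounds(index_signed(high)));
    printf("fixed index %ld in bounds: %d\n", index_fixed(high),
           index_in_bounds(index_fixed(high)));
    printf("200 + 100 as uint8_t: %u, checked ok: %d\n",
           (unsigned)add_u8_wrapping(200, 100), add_u8_checked(200, 100, &sum));
    printf("SIZE_MAX/2+1 elements of 2 bytes ok: %d\n",
           alloc_size_checked(SIZE_MAX / 2 + 1, 2, &bytes));
    return 0;
}
```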