1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
/// @file
/// @brief arithmetic overflow helpers
/// @ingroup cgraph_utils
///
/// Replace this with stdckdint.h when moving to C23.
#pragma once
#include <assert.h>
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/** add two integers, checking for overflow
*
* @param a Operand 1
* @param b Operand 2
* @param res [out] Result on success
* @return True if overflow would occur
*/
static inline bool sadd_overflow(int a, int b, int *res) {
assert(res != NULL);
// delegate to hardware optimized implementations where possible
#if defined(__clang__) && \
(__clang_major__ > 3 || \
(__clang_major__ == 3 && __clang_minor__ > 7)) // Clang ≥ 3.8
return __builtin_sadd_overflow(a, b, res);
#elif defined(__GNUC__) && __GNUC__ > 4 // GCC ≥ 5
return __builtin_sadd_overflow(a, b, res);
#endif
if (a > 0 && INT_MAX - a < b) {
return true;
}
if (a < 0 && INT_MIN - a > b) {
return true;
}
*res = a + b;
return false;
}
/// add two sizes, checking for overflow
///
/// @param a Operand 1
/// @param b Operand 2
/// @param res [out] Result on success
/// @return True if overflow would occur
static inline bool size_overflow(size_t a, size_t b, size_t *res) {
assert(res != NULL);
// delegate to hardware optimized implementations where possible
#if defined(__clang__) && \
(__clang_major__ > 3 || \
(__clang_major__ == 3 && __clang_minor__ > 7)) // Clang ≥ 3.8
return __builtin_add_overflow(a, b, res);
#elif defined(__GNUC__) && __GNUC__ > 4 // GCC ≥ 5
return __builtin_add_overflow(a, b, res);
#endif
if (SIZE_MAX - a < b) {
return true;
}
*res = a + b;
return false;
}
/// add two 64-bit unsigned integers, checking for overflow
///
/// @param a Operand 1
/// @param b Operand 2
/// @param res [out] Result on success
/// @return True if overflow would occur
static inline bool u64add_overflow(uint64_t a, uint64_t b, uint64_t *res) {
assert(res != NULL);
// delegate to hardware optimized implementations where possible
#if defined(__clang__) && \
(__clang_major__ > 3 || \
(__clang_major__ == 3 && __clang_minor__ > 7)) // Clang ≥ 3.8
return __builtin_add_overflow(a, b, res);
#elif defined(__GNUC__) && __GNUC__ > 4 // GCC ≥ 5
return __builtin_add_overflow(a, b, res);
#endif
if (UINT64_MAX - a < b) {
return true;
}
*res = a + b;
return false;
}
/// multiply two 64-bit unsigned integers, checking for overflow
///
/// @param a Operand 1
/// @param b Operand 2
/// @param res [out] Result on success
/// @return True if overflow would occur
static inline bool u64mul_overflow(uint64_t a, uint64_t b, uint64_t *res) {
assert(res != NULL);
// delegate to hardware optimized implementations where possible
#if defined(__clang__) && \
(__clang_major__ > 3 || \
(__clang_major__ == 3 && __clang_minor__ > 7)) // Clang ≥ 3.8
return __builtin_mul_overflow(a, b, res);
#elif defined(__GNUC__) && __GNUC__ > 4 // GCC ≥ 5
return __builtin_mul_overflow(a, b, res);
#endif
if (a > 0 && UINT64_MAX / a < b) {
return true;
}
*res = a * b;
return false;
}
|
