This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH v2.1] Use saturated arithmetic for overflow detection.
- From: "Joseph S. Myers" <joseph at codesourcery dot com>
- To: Paul Eggert <eggert at cs dot ucla dot edu>
- Cc: Ondřej Bílka <neleai at seznam dot cz>, Mike Frysinger <vapier at gentoo dot org>, <libc-alpha at sourceware dot org>
- Date: Tue, 3 Dec 2013 17:53:52 +0000
- Subject: Re: [PATCH v2.1] Use saturated arithmetic for overflow detection.
- Authentication-results: sourceware.org; auth=none
- References: <20131030174502 dot GA18107 at domone dot podge> <20131030183318 dot GA18706 at domone dot podge> <20131101133126 dot GA2546 at domone dot podge> <201311300346 dot 53198 dot vapier at gentoo dot org> <20131203111604 dot GA11582 at domone dot podge> <529E182F dot 8050809 at cs dot ucla dot edu>
On Tue, 3 Dec 2013, Paul Eggert wrote:
> > +mul_s (size_t x, size_t y)
>
> The implementation here is slow and complex. It'd be better to use
Even for the normal case where one argument is constant? (For the other
case, it's based on the optimizations in calloc to avoid division in the
common case where both arguments are small enough that the product can't
possibly overflow, though that optimization is from 2002 so considerations
may be different now; I don't know the typical speed of double-length
multiplication.)
> There's no need for that comment. On the other hand, with my pedantic
> hat on, you might want to mention that the above test assumes that
> INT_MAX < SIZE_MAX. Perhaps put in a static assertion (doesn't
> glibc support _Static_assert yet? if not, just add a comment).
glibc supports being built with GCC 4.4 and later, and _Static_assert was
added in 4.6, so using it would require increasing the minimum GCC version
for building glibc.
--
Joseph S. Myers
joseph@codesourcery.com
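
The two points discussed in this message, as an added example that is not part of the original e-mail or of the glibc patch: a saturating `size_t` multiply that skips the division when both operands are below half the width of `size_t` (the calloc-style fast path), and a compile-time check that `INT_MAX < SIZE_MAX` written without `_Static_assert`. The names `sat_mul_example`, `alloc_array_example`, `HALF_BITS` and `HALF_LIMIT` are hypothetical, and saturating to `SIZE_MAX` is an assumption about the intended result.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Compile-time check usable before C11: the array size becomes -1,
   which is a compile error, if INT_MAX < SIZE_MAX does not hold.  */
typedef char assert_int_max_lt_size_max[(INT_MAX < SIZE_MAX) ? 1 : -1];

/* Two operands below 2^HALF_BITS have a product below 2^(2*HALF_BITS),
   which always fits in size_t.  */
#define HALF_BITS (sizeof (size_t) * CHAR_BIT / 2)
#define HALF_LIMIT ((size_t) 1 << HALF_BITS)

/* Hypothetical helper (not the patch's mul_s): returns x * y, or
   SIZE_MAX when the product does not fit in size_t.  */
static size_t
sat_mul_example (size_t x, size_t y)
{
  /* Fast path: both operands are small, so no division is needed.  */
  if ((x | y) < HALF_LIMIT)
    return x * y;
  /* Slow path: at least one operand is large, so check by division.  */
  if (y != 0 && x > SIZE_MAX / y)
    return SIZE_MAX;
  return x * y;
}

/* Caller pattern: a SIZE_MAX request is rejected, so an overflowing
   element count can never yield an undersized buffer.  */
static void *
alloc_array_example (size_t nmemb, size_t size)
{
  size_t bytes = sat_mul_example (nmemb, size);
  if (bytes == SIZE_MAX)
    return NULL;
  return malloc (bytes);
}

int
main (void)
{
  /* Constructed input: (SIZE_MAX / 2 + 1) * 2 wraps to 0 unchecked.  */
  void *p = alloc_array_example (SIZE_MAX / 2 + 1, 2);
  return p == NULL ? 0 : 1;
}
```

A product that is exactly `SIZE_MAX` is indistinguishable from a saturated one here; for allocation sizes that is harmless because such a request cannot be satisfied anyway.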