[PATCH xserver 6/7 v2] sync: Convert from "CARD64" to int64_t.

Alexander E. Patrakov patrakov at gmail.com
Thu Aug 24 08:40:13 UTC 2017


2017-08-23 22:06 GMT+05:00 Eric Anholt <eric at anholt.net>:

> diff --git a/include/misc.h b/include/misc.h
> index 38af70ff9e89..0feeaebc7c1a 100644
> --- a/include/misc.h
> +++ b/include/misc.h
> @@ -324,6 +324,31 @@ bswap_32(uint32_t x)
>              ((x & 0x000000FF) << 24));
>  }
>
> +static inline Bool
> +checked_int64_add(int64_t *out, int64_t a, int64_t b)
> +{
> +    int64_t result = a + b;
> +    /* signed addition overflows if operands have the same sign, and
> +     * the sign of the result doesn't match the sign of the inputs.
> +     */
> +    Bool overflow = (a < 0) == (b < 0) && (a < 0) != (result < 0);
> +
> +    *out = result;
> +
> +    return overflow;
> +}
> +
> +static inline Bool
> +checked_int64_subtract(int64_t *out, int64_t a, int64_t b)
> +{
> +    int64_t result = a - b;
> +    Bool overflow = (a < 0) != (b < 0) && (a < 0) != (result < 0);
> +
> +    *out = result;
> +
> +    return overflow;
> +}
> +

NAK.

C compilers are allowed to assume that signed arithmetical operations
never overflow. I.e. to optimize your overflow check, because it never
triggers if there is no overflow.
https://www.airs.com/blog/archives/120

Please either make sure that all code that includes this header is
compiled with -fno-strict-overflow, or rewrite the check in a way that
does not check the result but only the operands and things like
INT64_MAX.

-- 
Alexander E. Patrakov


More information about the xorg-devel mailing list