tech-toolchain archive


Re: Dealing with integer overflow issues



In article <20090804043312.GY23616%mewburn.net@localhost>,
Luke Mewburn  <lukem%NetBSD.org@localhost> wrote:
>
>Hi all.
>
>A few months ago I did a code sweep to deal with -Wsign-compare
>warnings generated by gcc.
>
>This highlighted issues with how we correctly deal with integer
>overflow in certain situations, including the interaction between
>off_t (int64_t) and size_t (uint32_t on ILP32, uint64_t on LP64).
>
>A noted example is using the off_t st_size from stat(2) with
>the size_t len argument to mmap(2), and avoiding overflow
>on LP64 platforms.
>
>Christos & I have been discussing improving the way that we
>detect and handle these integer overflow issues.
>
>I found Felix von Leitner's page:
>       http://www.fefe.de/intof.html
>which has a good explanation of the issue, as well as some
>suggestions on dealing with the problem.
>
>I've implemented a header file containing some of the macros --
>tentatively called <sys/integer_overflow.h> -- which I've attached.
>I think we could use something like this in our tree.
>
>Questions:
>
>  1.   Does this seem useful to others, in that it could reduce
>       the potential for error?
>
>  2.   Is this implementation acceptable?
>
>  3.   Anyone got a better name than sys/integer_overflow.h?

1. I think this is very useful.
2. I would rename __MIN -> __MIN_VALUE, and change typeof to __typeof__ so
   that it works with, for example, -std=c99.
3. intovfl.h?

christos
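
The stat(2)/mmap(2) case mentioned in the quoted message, as an added example that is not part of this thread or of the attached header. The names `off_fits_size` and `map_file` are hypothetical; the check rejects a negative `st_size` and, on ILP32, a size that does not fit in `size_t`, before the value reaches mmap(2).

```c
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: 1 if off can be stored in a size_t unchanged. */
static int
off_fits_size(off_t off)
{
	if (off < 0)		/* would convert to a huge size_t */
		return 0;
	/* Compare in uintmax_t so neither operand is truncated. */
	return (uintmax_t)off <= (uintmax_t)SIZE_MAX;
}

/* Hypothetical helper: map a whole file read-only, or MAP_FAILED. */
static void *
map_file(const char *path, size_t *lenp)
{
	struct stat st;
	void *p = MAP_FAILED;
	int fd = open(path, O_RDONLY);

	if (fd == -1)
		return MAP_FAILED;
	/* Convert only after the range check; refuse empty files too. */
	if (fstat(fd, &st) == 0 && off_fits_size(st.st_size) &&
	    st.st_size > 0) {
		*lenp = (size_t)st.st_size;
		p = mmap(NULL, *lenp, PROT_READ, MAP_PRIVATE, fd, 0);
	}
	close(fd);
	return p;
}

int
main(int argc, char **argv)
{
	size_t len = 0;

	if (argc < 2 || map_file(argv[1], &len) == MAP_FAILED)
		return 1;
	printf("mapped %zu bytes\n", len);
	return 0;
}
```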



