![[^]](../icons/first.png)
![[v]](../icons/last.png)
![[top]](../icons/top.png)
![[bottom]](../icons/bottom.png)
![[index]](../icons/index.png)
![[help]](../icons/help.png)
- lib/intprops-internal.h
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[first]](../icons/n_first.png){kind=icon}
![[last]](../icons/n_last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
*/
1 /* intprops-internal.h -- properties of integer types not visible to users
2
3 Copyright (C) 2001-2024 Free Software Foundation, Inc.
4
5 This program is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Lesser General Public License as published
7 by the Free Software Foundation; either version 2.1 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public License
16 along with this program. If not, see <https://www.gnu.org/licenses/>. */
17
18 #ifndef _GL_INTPROPS_INTERNAL_H
19 #define _GL_INTPROPS_INTERNAL_H
20
21 #include <limits.h>
22
23 /* Pacify GCC 13.2 in some calls to _GL_EXPR_SIGNED. */
24 #if defined __GNUC__ && 4 < __GNUC__ + (3 <= __GNUC_MINOR__)
25 # pragma GCC diagnostic ignored "-Wtype-limits"
26 #endif
27
28 /* Return a value with the common real type of E and V and the value of V.
29 Do not evaluate E. */
30 #define _GL_INT_CONVERT(e, v) ((1 ? 0 : (e)) + (v))
31
32 /* Act like _GL_INT_CONVERT (E, -V) but work around a bug in IRIX 6.5 cc; see
33 <https://lists.gnu.org/r/bug-gnulib/2011-05/msg00406.html>. */
34 #define _GL_INT_NEGATE_CONVERT(e, v) ((1 ? 0 : (e)) - (v))
35
36 /* The extra casts in the following macros work around compiler bugs,
37 e.g., in Cray C 5.0.3.0. */
38
39 /* True if the real type T is signed. */
40 #define _GL_TYPE_SIGNED(t) (!((t) 0 < (t) - 1))
41
42 /* Return 1 if the real expression E, after promotion, has a
43 signed or floating type. Do not evaluate E. */
44 #define _GL_EXPR_SIGNED(e) (_GL_INT_NEGATE_CONVERT (e, 1) < 0)
45
46 /* Minimum and maximum values for integer types and expressions. */
47
48 /* The width in bits of the integer type or expression T.
49 Do not evaluate T. T must not be a bit-field expression.
50 Padding bits are not supported; this is checked at compile-time below. */
51 #define _GL_TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT)
52
53 /* The maximum and minimum values for the type of the expression E,
54 after integer promotion. E is not evaluated. */
55 #define _GL_INT_MINIMUM(e) \
56 (_GL_EXPR_SIGNED (e) ? ~_GL_SIGNED_INT_MAXIMUM (e) : _GL_INT_CONVERT (e, 0))
57 #define _GL_INT_MAXIMUM(e) \
58 (_GL_EXPR_SIGNED (e) ? _GL_SIGNED_INT_MAXIMUM (e) : _GL_INT_NEGATE_CONVERT (e, 1))
59 #define _GL_SIGNED_INT_MAXIMUM(e) \
60 (((_GL_INT_CONVERT (e, 1) << (_GL_TYPE_WIDTH (+(e)) - 2)) - 1) * 2 + 1)
61
62 /* Work around OpenVMS incompatibility with C99. */
63 #if !defined LLONG_MAX && defined __INT64_MAX
64 # define LLONG_MAX __INT64_MAX
65 # define LLONG_MIN __INT64_MIN
66 #endif
67
68 /* This include file assumes that signed types are two's complement without
69 padding bits; the above macros have undefined behavior otherwise.
70 If this is a problem for you, please let us know how to fix it for your host.
71 This assumption is tested by the intprops-tests module. */
72
73 /* Does the __typeof__ keyword work? This could be done by
74 'configure', but for now it's easier to do it by hand. */
75 #if (2 <= __GNUC__ || (4 <= __clang_major__) || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \
76 || (0x5110 <= __SUNPRO_C && !__STDC__))
77 # define _GL_HAVE___TYPEOF__ 1
78 #else
79 # define _GL_HAVE___TYPEOF__ 0
80 #endif
81
82 /* Return 1 if the integer type or expression T might be signed. Return 0
83 if it is definitely unsigned. T must not be a bit-field expression.
84 This macro does not evaluate its argument, and expands to an
85 integer constant expression. */
86 #if _GL_HAVE___TYPEOF__
87 # define _GL_SIGNED_TYPE_OR_EXPR(t) _GL_TYPE_SIGNED (__typeof__ (t))
88 #else
89 # define _GL_SIGNED_TYPE_OR_EXPR(t) 1
90 #endif
91
92 /* Return 1 if - A would overflow in [MIN,MAX] arithmetic.
93 A should not have side effects, and A's type should be an
94 integer with minimum value MIN and maximum MAX. */
95 #define _GL_INT_NEGATE_RANGE_OVERFLOW(a, min, max) ((min) < 0 ? (a) < -(max) : 0 < (a))
96
97 /* True if __builtin_add_overflow (A, B, P) and __builtin_sub_overflow
98 (A, B, P) work when P is non-null. */
99 #ifdef __EDG__
100 /* EDG-based compilers like nvc 22.1 cannot add 64-bit signed to unsigned
101 <https://bugs.gnu.org/53256>. */
102 # define _GL_HAS_BUILTIN_ADD_OVERFLOW 0
103 #elif defined __has_builtin
104 # define _GL_HAS_BUILTIN_ADD_OVERFLOW __has_builtin (__builtin_add_overflow)
105 /* __builtin_{add,sub}_overflow exists but is not reliable in GCC 5.x and 6.x,
106 see <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98269>. */
107 #elif 7 <= __GNUC__
108 # define _GL_HAS_BUILTIN_ADD_OVERFLOW 1
109 #else
110 # define _GL_HAS_BUILTIN_ADD_OVERFLOW 0
111 #endif
112
113 /* True if __builtin_mul_overflow (A, B, P) works when P is non-null. */
114 #if defined __clang_major__ && __clang_major__ < 14
115 /* Work around Clang bug <https://bugs.llvm.org/show_bug.cgi?id=16404>. */
116 # define _GL_HAS_BUILTIN_MUL_OVERFLOW 0
117 #else
118 # define _GL_HAS_BUILTIN_MUL_OVERFLOW _GL_HAS_BUILTIN_ADD_OVERFLOW
119 #endif
120
121 /* True if __builtin_add_overflow_p (A, B, C) works, and similarly for
122 __builtin_sub_overflow_p and __builtin_mul_overflow_p. */
123 #ifdef __EDG__
124 /* In EDG-based compilers like ICC 2021.3 and earlier,
125 __builtin_add_overflow_p etc. are not treated as integral constant
126 expressions even when all arguments are. */
127 # define _GL_HAS_BUILTIN_OVERFLOW_P 0
128 #elif defined __has_builtin
129 # define _GL_HAS_BUILTIN_OVERFLOW_P __has_builtin (__builtin_mul_overflow_p)
130 #else
131 # define _GL_HAS_BUILTIN_OVERFLOW_P (7 <= __GNUC__)
132 #endif
133
134 #if (!defined _GL_STDCKDINT_H && 202311 <= __STDC_VERSION__ \
135 && !(_GL_HAS_BUILTIN_ADD_OVERFLOW && _GL_HAS_BUILTIN_MUL_OVERFLOW))
136 # include <stdckdint.h>
137 #endif
138
139 /* Store the low-order bits of A + B, A - B, A * B, respectively, into *R.
140 Return 1 if the result overflows. Arguments should not have side
141 effects and A, B and *R can be of any integer type other than char,
142 bool, a bit-precise integer type, or an enumeration type. */
143 #if _GL_HAS_BUILTIN_ADD_OVERFLOW
144 # define _GL_INT_ADD_WRAPV(a, b, r) __builtin_add_overflow (a, b, r)
145 # define _GL_INT_SUBTRACT_WRAPV(a, b, r) __builtin_sub_overflow (a, b, r)
146 #elif defined ckd_add && defined ckd_sub && !defined _GL_STDCKDINT_H
147 # define _GL_INT_ADD_WRAPV(a, b, r) ckd_add (r, +(a), +(b))
148 # define _GL_INT_SUBTRACT_WRAPV(a, b, r) ckd_sub (r, +(a), +(b))
149 #else
150 # define _GL_INT_ADD_WRAPV(a, b, r) _GL_INT_OP_WRAPV (a, b, r, +, _GL_INT_ADD_RANGE_OVERFLOW)
151 # define _GL_INT_SUBTRACT_WRAPV(a, b, r) \
152 _GL_INT_OP_WRAPV (a, b, r, -, _GL_INT_SUBTRACT_RANGE_OVERFLOW)
153 #endif
154 #if _GL_HAS_BUILTIN_MUL_OVERFLOW
155 # if ((9 < __GNUC__ + (3 <= __GNUC_MINOR__) || (__GNUC__ == 8 && 4 <= __GNUC_MINOR__)) \
156 && !defined __EDG__)
157 # define _GL_INT_MULTIPLY_WRAPV(a, b, r) __builtin_mul_overflow (a, b, r)
158 # else
159 // Work around GCC bug 91450.
160 # define _GL_INT_MULTIPLY_WRAPV(a, b, r) \
161 ((!_GL_SIGNED_TYPE_OR_EXPR (*(r)) && _GL_EXPR_SIGNED (a) && _GL_EXPR_SIGNED (b) \
162 && _GL_INT_MULTIPLY_RANGE_OVERFLOW (a, b, (__typeof__ (*(r))) 0, \
163 (__typeof__ (*(r))) -1)) \
164 ? ((void) __builtin_mul_overflow (a, b, r), 1) \
165 : __builtin_mul_overflow (a, b, r))
166 # endif
167 #elif defined ckd_mul && !defined _GL_STDCKDINT_H
168 # define _GL_INT_MULTIPLY_WRAPV(a, b, r) ckd_mul (r, +(a), +(b))
169 #else
170 # define _GL_INT_MULTIPLY_WRAPV(a, b, r) \
171 _GL_INT_OP_WRAPV (a, b, r, *, _GL_INT_MULTIPLY_RANGE_OVERFLOW)
172 #endif
173
174 /* Nonzero if this compiler has GCC bug 68193 or Clang bug 25390. See:
175 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68193
176 https://llvm.org/bugs/show_bug.cgi?id=25390
177 For now, assume GCC < 14 and all Clang versions generate bogus
178 warnings for _Generic. This matters only for compilers that
179 lack relevant builtins. */
180 #if (__GNUC__ && __GNUC__ < 14) || defined __clang__
181 # define _GL__GENERIC_BOGUS 1
182 #else
183 # define _GL__GENERIC_BOGUS 0
184 #endif
185
186 /* Store the low-order bits of A <op> B into *R, where OP specifies
187 the operation and OVERFLOW the overflow predicate. Return 1 if the
188 result overflows. Arguments should not have side effects,
189 and A, B and *R can be of any integer type other than char, bool, a
190 bit-precise integer type, or an enumeration type. */
191 #if 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS
192 # define _GL_INT_OP_WRAPV(a, b, r, op, overflow) \
193 (_Generic (*(r), \
194 signed char: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, signed char, \
195 SCHAR_MIN, SCHAR_MAX), \
196 unsigned char: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, unsigned char, \
197 0, UCHAR_MAX), \
198 short int: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, short int, SHRT_MIN, \
199 SHRT_MAX), \
200 unsigned short int: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \
201 unsigned short int, 0, USHRT_MAX), \
202 int: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, int, INT_MIN, INT_MAX), \
203 unsigned int: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, unsigned int, 0, \
204 UINT_MAX), \
205 long int: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, long int, \
206 LONG_MIN, LONG_MAX), \
207 unsigned long int: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \
208 unsigned long int, 0, ULONG_MAX), \
209 long long int: _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long long int, \
210 long long int, LLONG_MIN, LLONG_MAX), \
211 unsigned long long int: _GL_INT_OP_CALC (a, b, r, op, overflow, \
212 unsigned long long int, \
213 unsigned long long int, 0, ULLONG_MAX)))
214 #else
215 /* Store the low-order bits of A <op> B into *R, where OP specifies
216 the operation and OVERFLOW the overflow predicate. If *R is
217 signed, its type is ST with bounds SMIN..SMAX; otherwise its type
218 is UT with bounds U..UMAX. ST and UT are narrower than int.
219 Return 1 if the result overflows. Arguments should not have side
220 effects, and A, B and *R can be of any integer type other than
221 char, bool, a bit-precise integer type, or an enumeration type. */
222 # if _GL_HAVE___TYPEOF__
223 # define _GL_INT_OP_WRAPV_SMALLISH(a, b, r, op, overflow, st, smin, smax, ut, umax) \
224 (_GL_TYPE_SIGNED (__typeof__ (*(r))) \
225 ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, st, smin, smax) \
226 : _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, ut, 0, umax))
227 # else
228 # define _GL_INT_OP_WRAPV_SMALLISH(a, b, r, op, overflow, st, smin, smax, ut, umax) \
229 (overflow (a, b, smin, smax) \
230 ? (overflow (a, b, 0, umax) \
231 ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, unsigned, st), 1) \
232 : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, unsigned, st)) < 0) \
233 : (overflow (a, b, 0, umax) \
234 ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, unsigned, st)) >= 0 \
235 : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, unsigned, st), 0)))
236 # endif
237
238 # define _GL_INT_OP_WRAPV(a, b, r, op, overflow) \
239 (sizeof *(r) == sizeof (signed char) \
240 ? _GL_INT_OP_WRAPV_SMALLISH (a, b, r, op, overflow, signed char, SCHAR_MIN, \
241 SCHAR_MAX, unsigned char, UCHAR_MAX) \
242 : sizeof *(r) == sizeof (short int) \
243 ? _GL_INT_OP_WRAPV_SMALLISH (a, b, r, op, overflow, short int, SHRT_MIN, SHRT_MAX, \
244 unsigned short int, USHRT_MAX) \
245 : sizeof *(r) == sizeof (int) \
246 ? (_GL_EXPR_SIGNED (*(r)) \
247 ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, int, INT_MIN, INT_MAX) \
248 : _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, unsigned int, 0, \
249 UINT_MAX)) \
250 : _GL_INT_OP_WRAPV_LONGISH (a, b, r, op, overflow))
251 # ifdef LLONG_MAX
252 # define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \
253 (sizeof *(r) == sizeof (long int) \
254 ? (_GL_EXPR_SIGNED (*(r)) \
255 ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, long int, \
256 LONG_MIN, LONG_MAX) \
257 : _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \
258 unsigned long int, 0, ULONG_MAX)) \
259 : (_GL_EXPR_SIGNED (*(r)) \
260 ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long long int, \
261 long long int, LLONG_MIN, LLONG_MAX) \
262 : _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long long int, \
263 unsigned long long int, 0, ULLONG_MAX)))
264 # else
265 # define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \
266 (_GL_EXPR_SIGNED (*(r)) ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \
267 long int, LONG_MIN, LONG_MAX) \
268 : _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \
269 unsigned long int, 0, ULONG_MAX))
270 # endif
271 #endif
272
273 /* Store the low-order bits of A <op> B into *R, where the operation
274 is given by OP. Use the unsigned type UT for calculation to avoid
275 overflow problems. *R's type is T, with extrema TMIN and TMAX.
276 T can be any signed integer type other than char, bool, a
277 bit-precise integer type, or an enumeration type.
278 Return 1 if the result overflows. */
279 #define _GL_INT_OP_CALC(a, b, r, op, overflow, ut, t, tmin, tmax) \
280 (overflow (a, b, tmin, tmax) ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 1) \
281 : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 0))
282
283 /* Return 1 if the integer expressions A - B and -A would overflow,
284 respectively. Arguments should not have side effects,
285 and can be any signed integer type other than char, bool, a
286 bit-precise integer type, or an enumeration type.
287 These macros are tuned for their last input argument being a constant. */
288
289 #if _GL_HAS_BUILTIN_OVERFLOW_P
290 # define _GL_INT_NEGATE_OVERFLOW(a) __builtin_sub_overflow_p (0, a, (__typeof__ (-(a))) 0)
291 #else
292 # define _GL_INT_NEGATE_OVERFLOW(a) \
293 _GL_INT_NEGATE_RANGE_OVERFLOW (a, _GL_INT_MINIMUM (a), _GL_INT_MAXIMUM (a))
294 #endif
295
296 /* Return the low-order bits of A <op> B, where the operation is given
297 by OP. Use the unsigned type UT for calculation to avoid undefined
298 behavior on signed integer overflow, and convert the result to type T.
299 UT is at least as wide as T and is no narrower than unsigned int,
300 T is two's complement, and there is no padding or trap representations.
301 Assume that converting UT to T yields the low-order bits, as is
302 done in all known two's-complement C compilers. E.g., see:
303 https://gcc.gnu.org/onlinedocs/gcc/Integers-implementation.html
304
305 According to the C standard, converting UT to T yields an
306 implementation-defined result or signal for values outside T's
307 range. However, code that works around this theoretical problem
308 runs afoul of a compiler bug in Oracle Studio 12.3 x86. See:
309 https://lists.gnu.org/r/bug-gnulib/2017-04/msg00049.html
310 As the compiler bug is real, don't try to work around the
311 theoretical problem. */
312
313 #define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t) ((t) ((ut) (a) op (ut) (b)))
314
315 /* Return true if the numeric values A + B, A - B, A * B fall outside
316 the range TMIN..TMAX. Arguments should not have side effects
317 and can be any integer type other than char, bool,
318 a bit-precise integer type, or an enumeration type.
319 TMIN should be signed and nonpositive.
320 TMAX should be positive, and should be signed unless TMIN is zero. */
321 #define _GL_INT_ADD_RANGE_OVERFLOW(a, b, tmin, tmax) \
322 ((b) < 0 ? (((tmin) ? ((_GL_EXPR_SIGNED (_GL_INT_CONVERT (a, (tmin) - (b))) || (b) < (tmin)) \
323 && (a) < (tmin) - (b)) \
324 : (a) <= -1 - (b)) \
325 || ((_GL_EXPR_SIGNED (a) ? 0 <= (a) : (tmax) < (a)) && (tmax) < (a) + (b))) \
326 : (a) < 0 \
327 ? (((tmin) ? ((_GL_EXPR_SIGNED (_GL_INT_CONVERT (b, (tmin) - (a))) || (a) < (tmin)) \
328 && (b) < (tmin) - (a)) \
329 : (b) <= -1 - (a)) \
330 || ((_GL_EXPR_SIGNED (_GL_INT_CONVERT (a, b)) || (tmax) < (b)) && (tmax) < (a) + (b))) \
331 : (tmax) < (b) || (tmax) - (b) < (a))
332 #define _GL_INT_SUBTRACT_RANGE_OVERFLOW(a, b, tmin, tmax) \
333 (((a) < 0) == ((b) < 0) \
334 ? ((a) < (b) ? !(tmin) || -1 - (tmin) < (b) - (a) - 1 : (tmax) < (a) - (b)) \
335 : (a) < 0 ? ((!_GL_EXPR_SIGNED (_GL_INT_CONVERT ((a) - (tmin), b)) && (a) - (tmin) < 0) \
336 || (a) - (tmin) < (b)) \
337 : ((!(_GL_EXPR_SIGNED (_GL_INT_CONVERT (tmax, b)) \
338 && _GL_EXPR_SIGNED (_GL_INT_CONVERT ((tmax) + (b), a))) \
339 && (tmax) <= -1 - (b)) \
340 || (tmax) + (b) < (a)))
341 #define _GL_INT_MULTIPLY_RANGE_OVERFLOW(a, b, tmin, tmax) \
342 ((b) < 0 ? ((a) < 0 ? (_GL_EXPR_SIGNED (_GL_INT_CONVERT (tmax, b)) \
343 ? (a) < (tmax) / (b) \
344 : ((_GL_INT_NEGATE_OVERFLOW (b) \
345 ? _GL_INT_CONVERT (b, tmax) >> (_GL_TYPE_WIDTH (+(b)) - 1) \
346 : (tmax) / -(b)) \
347 <= -1 - (a))) \
348 : _GL_INT_NEGATE_OVERFLOW (_GL_INT_CONVERT (b, tmin)) && (b) == -1 \
349 ? (_GL_EXPR_SIGNED (a) ? 0 < (a) + (tmin) : 0 < (a) && -1 - (tmin) < (a) - 1) \
350 : (tmin) / (b) < (a)) \
351 : (b) == 0 \
352 ? 0 \
353 : ((a) < 0 ? (_GL_INT_NEGATE_OVERFLOW (_GL_INT_CONVERT (a, tmin)) && (a) == -1 \
354 ? (_GL_EXPR_SIGNED (b) ? 0 < (b) + (tmin) : -1 - (tmin) < (b) - 1) \
355 : (tmin) / (a) < (b)) \
356 : (tmax) / (b) < (a)))
357
358 #endif
![[bottom]](../icons/n_bottom.png){kind=icon}
*/