Checking for overflow can difficult, but doing so may be a good
idea to avoid difficult to debug problems. Compilers that provide
builtins for overflow checking allow the checks to be simple
enough that we can use them more liberally. The idea for this
flag is to wrap a calculation that should have overflow checking,
allowing compilers that support it to give us some extra robustness.
For example,
#ifdef COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW
bool overflow = __builtin_mul_overflow(x, y, &z);
assert(!overflow);
#else
/* Older compiler, hopefully we don't overflow... */
z = x * y;
#endif
Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx>
---
lib/linux/compiler.h | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/lib/linux/compiler.h b/lib/linux/compiler.h
index 2d72f18c36e5..311da9807932 100644
--- a/lib/linux/compiler.h
+++ b/lib/linux/compiler.h
@@ -8,6 +8,20 @@
#ifndef __ASSEMBLY__
+#define GCC_VERSION (__GNUC__ * 10000 \
+ + __GNUC_MINOR__ * 100 \
+ + __GNUC_PATCHLEVEL__)
+
+#ifdef __clang__
+#if __has_builtin(__builtin_mul_overflow) && \
+ __has_builtin(__builtin_add_overflow) && \
+ __has_builtin(__builtin_sub_overflow)
+#define COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW 1
+#endif
+#elif GCC_VERSION >= 50100
+#define COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW 1
+#endif
+
#include <stdint.h>
#define barrier() asm volatile("" : : : "memory")
--
2.26.3
