These macros yield 1 if the corresponding C operators might not yield numerically correct answers due to arithmetic overflow of an integer type. They work correctly on all known practical hosts, and do not rely on undefined behavior due to signed arithmetic overflow. They expand to integer constant expressions if their arguments are. They are easier to use than the integer range overflow macros (see Integer Range Overflow).
Example usage:
#include <intprops.h>
void
print_product (long int a, long int b)
{
if (INT_MULTIPLY_OVERFLOW (a, b))
printf ("multiply would overflow");
else
printf ("product is %ld", a * b);
}
These macros have the following restrictions:
These macros are tuned for their last argument being a constant.
INT_ADD_OVERFLOW (a, b) + b would overflow. See above for
restrictions.
INT_SUBTRACT_OVERFLOW (a, b) - b would overflow. See above for
restrictions.
INT_NEGATE_OVERFLOW (a)-a would overflow. See above for restrictions.
INT_MULTIPLY_OVERFLOW (a, b) * b would overflow. See above for
restrictions.
INT_DIVIDE_OVERFLOW (a, b) / b would overflow. See above for
restrictions. Division overflow can happen on two's complement hosts
when dividing the most negative integer by −1. This macro does
not check for division by zero.
INT_REMAINDER_OVERFLOW (a, b) % b would overflow. See above for
restrictions. Remainder overflow can happen on two's complement hosts
when dividing the most negative integer by −1; although the
mathematical result is always 0, in practice some implementations
trap, so this counts as an overflow. This macro does not check for
division by zero.
INT_LEFT_SHIFT_OVERFLOW (a, b) << b would overflow. See above for
restrictions. The C standard says that behavior is undefined for
shifts unless 0≤b<w where w is a's word
width, and that when a is negative then a <<
b has undefined behavior and a >> b has
implementation-defined behavior, but this macro does not check these
other restrictions.