[FFmpeg-devel] [PATCH 1/5] compat: add a fallback implementation of C23 stdckdint.h

Sat Nov 16 02:06:38 EET 2024

On 11/15/2024 7:22 PM, Andreas Rheinhardt wrote:
> James Almer:
>> From: Justine Tunney <jtunney at gmail.com>
>>
>> Header contents taken from https://github.com/jart/jtckdint/commit/62df1fc0966926299253b7af46c777723e345545
>>
>> Signed-off-by: James Almer <jamrial at gmail.com>
>> ---
>>   compat/stdckdint/stdckdint.h | 663 +++++++++++++++++++++++++++++++++++
>>   tests/ref/fate/source        |   1 +
>>   2 files changed, 664 insertions(+)
>>   create mode 100644 compat/stdckdint/stdckdint.h
>>
>> diff --git a/compat/stdckdint/stdckdint.h b/compat/stdckdint/stdckdint.h
>> new file mode 100644
>> index 0000000000..2d36e8ad89
>> --- /dev/null
>> +++ b/compat/stdckdint/stdckdint.h
>> @@ -0,0 +1,663 @@
>> +/*
>> + * Copyright 2023 Justine Alexandra Roberts Tunney
>> + *
>> + * Permission to use, copy, modify, and/or distribute this software for
>> + * any purpose with or without fee is hereby granted, provided that the
>> + * above copyright notice and this permission notice appear in all copies.
>> + *
>> + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
>> + * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
>> + * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
>> + * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
>> + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
>> + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
>> + * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
>> + * PERFORMANCE OF THIS SOFTWARE.
>> + */
>> +
>> +/**
>> + * @fileoverview C23 Checked Arithmetic
>> + *
>> + * This header defines three type generic functions:
>> + *
>> + *   - `bool ckd_add(res, a, b)`
>> + *   - `bool ckd_sub(res, a, b)`
>> + *   - `bool ckd_mul(res, a, b)`
>> + *
>> + * Which allow integer arithmetic errors to be detected. There are many
>> + * kinds of integer errors, e.g. overflow, truncation, etc. These funcs
>> + * catch them all. Here's an example of how it works:
>> + *
>> + *     uint32_t c;
>> + *     int32_t a = 0x7fffffff;
>> + *     int32_t b = 2;
>> + *     assert(!ckd_add(&c, a, b));
>> + *     assert(c == 0x80000001u);
>> + *
>> + * Experienced C / C++ users should find this example counter-intuitive
>> + * because the expression `0x7fffffff + 2` not only overflows it's also
>> + * undefined behavior. However here we see it's specified, and does not
>> + * result in an error. That's because C23 checked arithmetic is not the
>> + * arithmetic you're used to. The new standard changes the mathematics.
>> + *
>> + * C23 checked arithmetic is defined as performing the arithmetic using
>> + * infinite precision and then checking if the resulting value will fit
>> + * in the output type. Our example above did not result in an error due
>> + * to `0x80000001` being a legal value for `uint32_t`.
>> + *
>> + * This implementation will use the GNU compiler builtins, when they're
>> + * available, only if you don't use build flags like `-std=c11` because
>> + * they define `__STRICT_ANSI__` and GCC extensions aren't really ANSI.
>> + * Instead, you'll get a pretty good pure C11 and C++11 implementation.
> 
> Doesn't this imply that we will no longer get the compiler builtins?
> That is very bad.

Oh, it seems we only set -U__STRICT_ANSI__ on a few targets like mingw, 
and not all like I assumed. I missed that.

I can remove the relevant check (and this comment) from the header.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20241115/a64bed2c/attachment.sig>