Yes - once the undefined behavior has happened, the compiler can
dispense with everything else, so if it can prove that your
after-the-fact checks can only happen in case of signed overflow, it
can simply omit them. Great fun.
Dr Hipp landed https://www.sqlite.org/src/info/db3ebd7c52cfc5fc ,
which is basically what you suggested. I also see that some systems
include __builtin_mul_overflow() intrinsics, which can use the CPU's
overflow flag, if available, which seems plausible.
On Tue, Sep 20, 2016 at 4:51 PM, Bernardo Sulzbach
> In time, ignore my previous reply to this thread as SQLite portability
> requirements make it invalid (at least I think they would). According to the
> C language standard, signed overflow is undefined behavior and, therefore,
> should not be relied upon.
> There is also a simpler way to check it using a division of the maximum
> possible value by the multiplier (which will never overflow).
> Bernardo Sulzbach
> sqlite-users mailing list
sqlite-users mailing list