Given an unsigned integer x and a signed integer dx, what's the most efficient way to perform x = x + dx while preventing over/underflow? I could do something like:
unsigned int x;
int dx;
...
long int result = (long int)(x + dx);
if (result < 0) {
x = 0;
} else if (result > UINT_MAX) {
x = UINT_MAX;
} else {
x = result;
}
But I'm wondering if there's a better way.
EDIT: updated the example to be semantically correct.
On
OP's approach fails at inception as x + dx does not benefit with extended integer width - the addition still uses unsigned math. Casting to long after the addition is moot.
// Not useful
long int result = (long int)(x + dx);
// Perhaps
long int result = x + (long int)dx;
// or
long long result = x + (long long)dx;
Using long addition provides no wider math when int and long have the save size. Perhaps long long? Even long long is not specified to be wider than int, yet it often.
What's the most efficient way to perform bounded addition?
I'll set aside most efficient and focus on correct portable functionality for all unsigned int x, int dx.
A variation on @unwind:
unsigned saturated_add_alt(unsigned int x, int dx) {
if (dx >= 0) {
if (x > UINT_MAX - dx) {
return UINT_MAX;
}
} else if (x < (1 - dx)) { // Avoid x < -dx. UB when dx == INT_MIN
return 0;
}
return x + dx;
}
The only efficient way is to use inline assembly (add and check the processor flags which are not accessible in C) or to use compiler builtins.
Example:
and the resulting machine code: