Subject: Re: [ub] A proposal to define signed overflow submitted?
From: Lawrence Crowl (Lawrence_at_[hidden])
Date: 2018-03-12 15:31:54
On 3/12/18, Myria <myriachan_at_[hidden]> wrote:
> The severity of the current situation is that I generally avoid signed
> integers if I intend to do any arithmetic on them whatsoever, lest the
> compiler decide to make demons come out of my nose.
So why not specify the option to turn on trapping?
> And even then, I'm not safe:
> std::uint16_t x = 0xFFFF;
> x *= x; // undefined behavior on most modern platforms
How? The C++ standard defines unsigned arithmetic as
More importantly, what happens to your program when x*x < x?
An incorrect index arising from the above will almost certainly
result in undesired program behavior. What tools can help with
the meta problem? I submit that a similar-but-different unsigned
type in which overflow is undefined behavior would enable
overflow detection and identification of bad code.)
> My code has to do silly things like this in order to safeguard against
> such potential compiler abuses:
> typedef decltype(std::uint16_t() + 0u) promoted_uint16;
How does this typedef help?
> I would be happy if an option like -fwrapv were supported everywhere,
> but Visual Studio doesn't have such an option, and Microsoft has
> already denied requests for such an option to be implemented.
What about -ftrapv?
SG12 list run by herb.sutter at gmail.com