Date: Mon, 12 Mar 2018 13:31:54 -0700
On 3/12/18, Myria <myriachan_at_[hidden]> wrote:
> The severity of the current situation is that I generally avoid signed
> integers if I intend to do any arithmetic on them whatsoever, lest the
> compiler decide to make demons come out of my nose.
So why not specify the option to turn on trapping?
> And even then, I'm not safe:
>
> std::uint16_t x = 0xFFFF;
> x *= x; // undefined behavior on most modern platforms
How? The C++ standard defines unsigned arithmetic as
modular arithmetic.
More importantly, what happens to your program when x*x < x?
An incorrect index arising from the above will almost certainly
result in undesired program behavior. What tools can help with
the meta problem? I submit that a similar-but-different unsigned
type in which overflow is undefined behavior would enable
overflow detection and identification of bad code.
> My code has to do silly things like this in order to safeguard against
> such potential compiler abuses:
>
> typedef decltype(std::uint16_t() + 0u) promoted_uint16;
How does this typedef help?
> I would be happy if an option like -fwrapv were supported everywhere,
> but Visual Studio doesn't have such an option, and Microsoft has
> already denied requests for such an option to be implemented.
What about -ftrapv?
-
Lawrence Crowl
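To make the promotion behind the quoted x *= x concrete, here is an added example (mine, not code from either poster). It assumes a mainstream platform where int is 32 bits, so uint16_t promotes to int and Myria's typedef resolves to unsigned int; the overflow check is done in 64-bit arithmetic so the example itself never executes the undefined product.

```cpp
#include <cstdint>
#include <limits>
#include <type_traits>

// Myria's typedef from the thread: uint16_t() + 0u promotes the uint16_t to
// int, the usual arithmetic conversions then make the result unsigned int.
typedef decltype(std::uint16_t() + 0u) promoted_uint16;

// Assumption: int is 32 bits (true on mainstream platforms).
// The bare product x * x has type int, not uint16_t, so 0xFFFF * 0xFFFF is
// signed arithmetic, and signed overflow is undefined behavior.
static_assert(std::is_same<decltype(std::uint16_t() * std::uint16_t()), int>::value,
              "uint16_t * uint16_t promotes to int here");
static_assert(std::is_same<promoted_uint16, unsigned int>::value,
              "the typedef is unsigned int here");

// Would the promoted (signed) product of x * x exceed INT_MAX?
// Computed in 64-bit unsigned so the check itself cannot overflow.
constexpr bool bare_product_overflows_int(std::uint16_t x) {
    std::uint64_t wide = static_cast<std::uint64_t>(x) * x;
    return wide > static_cast<std::uint64_t>(std::numeric_limits<int>::max());
}

// Square in the promoted unsigned type: well-defined modular arithmetic,
// which is what the typedef buys you.
constexpr promoted_uint16 square_modular(std::uint16_t x) {
    return promoted_uint16{x} * promoted_uint16{x};
}

// Lawrence's follow-up point: a wrapped value silently assigned back to x is
// still wrong. Narrow only if the product fits in 16 bits; report otherwise.
constexpr bool square_checked(std::uint16_t x, std::uint16_t& out) {
    promoted_uint16 p = square_modular(x);
    if (p > std::numeric_limits<std::uint16_t>::max()) return false;
    out = static_cast<std::uint16_t>(p);
    return true;
}
```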
Received on 2018-03-12 21:31:56