C++ Logo

SG12

Advanced search

Subject: Re: [ub] A proposal to define signed overflow submitted?
From: Lawrence Crowl (Lawrence_at_[hidden])
Date: 2018-03-14 11:10:56


On 3/14/18, Hyman Rosen <hyman.rosen_at_[hidden]> wrote:
> As a point of information, the Intel Decimal Floating-Point Library
> (<http://www.netlib.org/misc/intel/>) is utterly cavalier about its
> usage of signed integer arithmetic. It overflows with abandon, and
> couldn't be more clear that it expects 2's-complement arithmetic
> behavior. Compiling with optimization turned on breaks different
> parts of the code on different platforms, and fixing it always
> involves doing the same thing that the code is already intending to
> do, but avoiding formally undefined behavior.
>
> For example, the library contains this code snippet:
> int x = ...;
> BID_UINT64 res;
> ...
> x = ~x + 1;
> res = (unsigned int) x | 0xb1c0000000000000ull;
> and fails under optimization on some platforms when x is INT_MIN
> (presumably because ~INT_MIN is INT_MAX and INT_MAX + 1 overflows).
> Changing this to
> res = (1u + (unsigned int) ~x) | 0xb1c0000000000000ull;
> made the optimized compiled code work. The bit operations of the
> two versions of the code are the same.

The problem with the code is likely that it uses int where it should
uwe unsigned.

> Of course, you can blame the developers. The library is dated 2011,
> so it's not like this is terribly old code.

Okay, I blame the developer. That they would release this code when
they obviously have not tested it on multiple platforms at multiple
optimizations indicates poor development practice. I am not inclined
to go out of my way to support such programmers.

> But this library is perhaps the perfect example of code that needs
> to assemble objects at the bit level. Needing to worry about things
> like left shifts of negative numbers, or overflow that isn't really,
> while trying to put all the bits in their right places, is an extra
> useless burden.

There is a need for a low-level signed bit-munging type. We should
not change int to be that type. We should have a new type.

On the other hand, we need an unsigned type for which overflow is
undefined behavior. We should not change unsigned int to be that
type. We should have a new type.

> Optimizationism is the bane of C and C++.

It is also a major reason for the use of the language. Yin and Yang.

-- 
Lawrence Crowl

SG12 list run by herb.sutter at gmail.com