[ub] A proposal to define signed overflow submitted?
Lawrence Crowl
Lawrence at crowl.org
Mon Mar 12 21:31:54 CET 2018
On 3/12/18, Myria <myriachan at gmail.com> wrote:
> The severity of the current situation is that I generally avoid signed
> integers if I intend to do any arithmetic on them whatsoever, lest the
> compiler decide to make demons come out of my nose.
So why not specify the option to turn on trapping?
> And even then, I'm not safe:
>
> std::uint16_t x = 0xFFFF;
> x *= x; // undefined behavior on most modern platforms
How? The C++ standard defines unsigned arithmetic as
modular arithmetic.
More importantly, what happens to your program when x*x < x?
An incorrect index arising from the above will almost certainly
result in undesired program behavior. What tools can help with
the meta problem? I submit that a similar-but-different unsigned
type in which overflow is undefined behavior would enable
overflow detection and identification of bad code.)
> My code has to do silly things like this in order to safeguard against
> such potential compiler abuses:
>
> typedef decltype(std::uint16_t() + 0u) promoted_uint16;
How does this typedef help?
> I would be happy if an option like -fwrapv were supported everywhere,
> but Visual Studio doesn't have such an option, and Microsoft has
> already denied requests for such an option to be implemented.
What about -ftrapv?
-
Lawrence Crowl
More information about the ub
mailing list