Liste des Groupes | Revenir à cl c |
Thiago Adams <thiago.adams@gmail.com> writes:C23 provides ckd_add() that is identical to __builtin_add_overflow() except for the order of the operands.
[...]Here a sample with signed int that has a overflow warning.It's reasonable to warn about a+b, since it has undefined behavior.
>
>
#include <stdio.h>
>
int main()
{
constexpr int a = 2147483647;
constexpr int b = 1;
constexpr int c = a+b;
}
>
https://godbolt.org/z/ca31r8EMK
In fact gcc warns about the expression a+b, since it has undefined
behavior, and issues a fatal error message about its use in a context
requiring a constant expression, since that's a constraint violation.
I think both cases (overflow and wraparound) should have warnings.You're free to think that, of course, but wraparound behavior is well
defined and unambiguous. I wouldn't mind an *optional* warning, but
plenty of programmers might deliberately write something like
const unsigned int max = -1;
with the reasonable expectation that it will set max to INT_MAX.
Comparing with __builtin_add_overflow it also reports wraparound.Of course __builtin_add_overflow is a non-standard gcc extension. The
>
#include <stdio.h>
>
int main()
{
unsigned int r;
if (__builtin_add_overflow(0,-1, &r) != 0)
{
printf("fail");
}
}
documentation says:
-- Built-in Function: bool __builtin_add_overflow (TYPE1 a, TYPE2 b,
TYPE3 *res)
...
These built-in functions promote the first two operands into
infinite precision signed type and perform addition on those
promoted operands. The result is then cast to the type the third
pointer argument points to and stored there. If the stored result
is equal to the infinite precision result, the built-in functions
return 'false', otherwise they return 'true'. As the addition is
performed in infinite signed precision, these built-in functions
have fully defined behavior for all argument values.
It returns true if the result is equal to what would be computed in
infinite signed precision, so it treats both signed overflow and
unsigned wraparound as "overflow". It looks like a useful function, and
if you use it with an unsigned target, it's because you *want* to detect
wraparound.
Les messages affichés proviennent d'usenet.