Sujet : Re: What is your opinion about unsigned int u = -2 ?
De : thiago.adams (at) *nospam* gmail.com (Thiago Adams)
Groupes : comp.lang.cDate : 03. Aug 2024, 18:46:00
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <v8lqco$3i5od$1@dont-email.me>
References : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
User-Agent : Mozilla Thunderbird
Em 8/3/2024 2:43 PM, David Brown escreveu:
On 03/08/2024 04:40, Keith Thompson wrote:
Thiago Adams <thiago.adams@gmail.com> writes:
[...]
Here a sample with signed int that has a overflow warning.
>
>
#include <stdio.h>
>
int main()
{
constexpr int a = 2147483647;
constexpr int b = 1;
constexpr int c = a+b;
}
>
https://godbolt.org/z/ca31r8EMK
>
It's reasonable to warn about a+b, since it has undefined behavior.
In fact gcc warns about the expression a+b, since it has undefined
behavior, and issues a fatal error message about its use in a context
requiring a constant expression, since that's a constraint violation.
>
I think both cases (overflow and wraparound) should have warnings.
>
You're free to think that, of course, but wraparound behavior is well
defined and unambiguous. I wouldn't mind an *optional* warning, but
plenty of programmers might deliberately write something like
>
const unsigned int max = -1;
>
with the reasonable expectation that it will set max to INT_MAX.
>
Comparing with __builtin_add_overflow it also reports wraparound.
>
#include <stdio.h>
>
int main()
{
unsigned int r;
if (__builtin_add_overflow(0,-1, &r) != 0)
{
printf("fail");
}
}
>
Of course __builtin_add_overflow is a non-standard gcc extension. The
documentation says:
>
-- Built-in Function: bool __builtin_add_overflow (TYPE1 a, TYPE2 b,
TYPE3 *res)
...
These built-in functions promote the first two operands into
infinite precision signed type and perform addition on those
promoted operands. The result is then cast to the type the third
pointer argument points to and stored there. If the stored result
is equal to the infinite precision result, the built-in functions
return 'false', otherwise they return 'true'. As the addition is
performed in infinite signed precision, these built-in functions
have fully defined behavior for all argument values.
>
It returns true if the result is equal to what would be computed in
infinite signed precision, so it treats both signed overflow and
unsigned wraparound as "overflow". It looks like a useful function, and
if you use it with an unsigned target, it's because you *want* to detect
wraparound.
>
C23 provides ckd_add() that is identical to __builtin_add_overflow() except for the order of the operands.
I used __builtin_add_overflow because i dint know if the new header was available.
I am also implementing ckd_add etc for my own use in msvc.
What is your opinion about unsigned int u = -2 ?
Re: What is your opinion about unsigned int u = -2 ?