Treating the abusive unsigned syndrome

Andrei Alexandrescu SeeWebsiteForEmail at erdani.org
Wed Nov 26 07:28:25 PST 2008


Michel Fortin wrote:
> On 2008-11-25 10:59:01 -0500, Andrei Alexandrescu 
> <SeeWebsiteForEmail at erdani.org> said:
> 
>> (3) u - u
> 
> Just a note here, because it seems to me you're confusing two issues 
> with that "u - u" thing. The problem with "u - u" isn't one of unsigned 
> vs. signed integers at all. It's a problem of possibly going out of 
> range, a problem that can happen with any type but is more likely with 
> unsigned integers since they're often near zero.

It's also a problem of signedness, considering that int can hold the 
difference of two small unsigned integrals. So if the result is unsigned 
there may be overflow (I abusively call it "underflow"), but if the 
result is an int that overflow may be avoided, or a different overflow 
may occur.

> If you want to attack that problem, I think it should be done in a 
> coherent manner with other out-of-range issues. Going below uint.min for 
> an uint or below int.min for an int should be handled the same way. 
> Personally, I'd just add a compiler switch for runtime range checking 
> (just as for array bound checking).
> 
> Treating the result u - u as __intuint is dangerous: uint.max - 1U gives 
> you a value which int cannot hold, but you'd allow it to convert 
> implicitly and without warning to int? I don't like it.

I understand. It's what I have so far, so I'm looking forward to better 
ideas. Resorting to runtime checks is always a possibility but I'd like 
to focus on the static checking aspect for now.


Andrei
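As an added illustration (not part of the thread, and not D code from either author), the three behaviours discussed above for `u - u` written in C with `uint32_t`/`int32_t` standing in for D's `uint`/`int`: the plain unsigned subtraction that wraps below zero (the "underflow" case), the exact difference computed in a wider signed type, and the two range checks (does the difference fit in `int`, does it stay at or above `uint.min`) that a static or runtime check would have to perform. The `UINT32_MAX - 1U` case is the one Michel raises: it is a valid `uint` but does not fit in `int`.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Plain u - u in unsigned arithmetic: the result is taken modulo 2^32,
 * so 3u - 5u yields 4294967294 instead of -2 (the "underflow" case). */
uint32_t sub_unsigned(uint32_t a, uint32_t b) {
    return a - b;
}

/* The mathematically exact difference. Both operands are below 2^32, so
 * the result always fits in int64_t; no overflow is possible here. */
int64_t sub_exact(uint32_t a, uint32_t b) {
    return (int64_t)a - (int64_t)b;
}

/* Check: may the exact difference be stored in a 32-bit signed int?
 * Fails for UINT32_MAX - 1u (4294967294), which no int32_t can hold. */
bool diff_fits_int32(uint32_t a, uint32_t b) {
    int64_t d = sub_exact(a, b);
    return d >= INT32_MIN && d <= INT32_MAX;
}

/* Check: does the difference stay at or above zero (uint.min)?
 * This is the "going below uint.min" condition from the thread. */
bool diff_fits_uint32(uint32_t a, uint32_t b) {
    return b <= a;
}

/* Report all three views for one pair of operands. */
static void report(uint32_t a, uint32_t b) {
    printf("a=%" PRIu32 " b=%" PRIu32 "\n", a, b);
    printf("  unsigned a-b : %" PRIu32 "\n", sub_unsigned(a, b));
    printf("  exact a-b    : %" PRId64 "\n", sub_exact(a, b));
    printf("  fits int32   : %s\n", diff_fits_int32(a, b) ? "yes" : "no");
    printf("  fits uint32  : %s\n", diff_fits_uint32(a, b) ? "yes" : "no");
}

int main(void) {
    report(3u, 5u);            /* wraps as uint, fits int, below uint.min */
    report(UINT32_MAX, 1u);    /* fine as uint, does not fit int */
    report(5u, 3u);            /* fits both */
    return 0;
}
```

The point the two checks make concrete is that "fits in int" and "fits in uint" are independent conditions: `3u - 5u` passes the first and fails the second, `UINT32_MAX - 1u` does the opposite, so no single result type is safe for every pair of operands without a check.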


