Signed word lengths and indexes
Don
nospam at nospam.com
Thu Jun 17 01:00:24 PDT 2010
Jérôme M. Berger wrote:
> Walter Bright wrote:
>> Jérôme M. Berger wrote:
>>> Jérôme M. Berger wrote:
>>>> Walter Bright wrote:
>>>>> Jérôme M. Berger wrote:
>>>> Now, we have code that works fine on 32-bit platforms (x86 and arm)
>>>> but segfaults on x86_64. Simply adding an (int) cast in front of the
>>>> image dimensions in a couple of places fixes the issue (tested with
>>>> various versions of gcc on linux and windows).
>> Easy. offset should be a size_t, not an unsigned.
>
> And what about image width and height? Sure, in hindsight they
> could probably be made into size_t too. Much easier and safer to
> make them into signed ints instead, since we don't manipulate images
> bigger than 2_147_483_648 on a side anyway...
>
> Which is more or less bearophile's point: unless you're *really*
> sure that you know what you're doing, use signed ints even if
> negative numbers make no sense in a particular context.
I agree.
Actually the great evil in C is that implicit casts from
signed<->unsigned AND sign extension are both permitted in a single
expression.
I hope that when the integer range checking is fully implemented in D,
such two-way implicit casts will be forbidden.
(D has introduced ANOTHER instance of this with the ridiculous >>>
operator.
byte b = -1;
byte c = b >>> 1;
Guess what c is!
)
More information about the Digitalmars-d
mailing list