Deprecate implicit conversion between signed and unsigned integers

Paul Backus snarwin at gmail.com
Tue May 14 13:29:40 UTC 2024


On Sunday, 12 May 2024 at 20:20:10 UTC, Nick Treleaven wrote:
> Signed to unsigned should be deprecated (except where VRP can 
> tell the source was not negative).
>
> Unsigned to signed can preserve the value range when the signed 
> type is bigger than the unsigned type, e.g.:
>
>     extern ubyte x;
>     short y = x; // OK, short.max >= ubyte.max
>     byte z = x;  // Deprecate, byte.max < ubyte.max

Agreed.

> `cast` can be bug-prone if the original type gets changed. It 
> would be better to have druntime template functions `signed` 
> and `unsigned` to do the casts with IFTI to avoid changing the 
> size of the type.

I assume by "changing the size of the type" you are referring 
specifically to *narrowing* conversions, not widening ones. If 
so, then yes, it's probably a good idea to use a helper template 
to avoid that.

>> In many cases, migration could be performed automatically with 
>> a tool that uses the DMD frontend as a library.
>
> Can you give some examples?

Easier to give examples of the cases where it won't work: 
templates, because there's no reliable way to only apply the 
migration to specific instantiations; and string mixins, because 
there's no reliable way to find the source code corresponding to 
a mixed-in expression (if it even exists--it could be generated 
by CTFE).

> What about comparisons between incompatible signed and 
> unsigned, deprecate too?

All binary operators, including comparison operators, use the 
same implicit conversions, so yes, comparisons would be covered 
by this proposal.


More information about the dip.ideas mailing list