Signed integer overflow undefined behavior or not?
Don via Digitalmars-d
digitalmars-d at puremagic.com
Fri Nov 13 02:20:51 PST 2015
On Friday, 13 November 2015 at 09:37:41 UTC, deadalnix wrote:
> On Friday, 13 November 2015 at 09:33:51 UTC, John Colvin wrote:
>> I don't understand what you think is so complicated about it?
>> After arithmetic operations f is applied
>> signed: f(v) = ((v + 2^(n-1)) mod (2^n - 1)) - 2^(n-1)
Complicated in the sense that: when are those semantics useful?
The answer of course, is, pretty much never. They are very
bizarre.
>
> It is not that it is complicated, but that signed wraparound is
> almost always a bug. In C/C++, that result in very questionable
> optimizations. But defining the thing as wraparound is also
> preventing it to become an error. On the other hand, detection
> the overflow is expensive on most machines.
>
> I think Don has a point and the spec should say something like :
> signed integer overflow is defined as being a runtime error.
> For performance reasons, the compiler may choose to not emit
> error checking code and use wraparound semantic instead.
>
> Or something along these lines.
Oh, I like that! That does seem to be the best of both worlds.
Then, as a QOI issue, the compiler can try to detect the error.
If it does not detect the error, it MUST provide the two's
complement result. It is not allowed to do any weird stuff.
More information about the Digitalmars-d
mailing list