jacob navia said:
Le 30/12/10 18:59, Ben Bacarisse a écrit :
jacob navia said:
Le 30/12/10 14:34, Ben Bacarisse a écrit :
This raises the question of what the 'last operation' is. You've shown
c = a + b;
if (_overflow()) ...
as the canonical example of this feature, but the "last operation" is
the conversion of the value of 'a + b' to the type of 'c'. This
operation may be the one I want to test for overflow. How does the
compiler know which overflow (the addition or the conversion) I am
interested in?
<snip>
In the example c is int, as b and c. That can't overflow.
Different is
short c;
int b,a;
c =a+b
can overflow (as you say) in a+b AND in the assignment. In that
case you should separate the operations for instance
if (!overflow(a+b)) {
if (_overflow(c=a+b))
// error
}
else // error
I was asking about something I though you were proposing -- an
_overflow() "intrinsic" that returned the overflow result of the "last
operation". This is a concept that you seemed to think was
self-evident[1] but which you now seem to have abandoned.
Not at all. That is why I said above that you have to separate the
addition from the assignment. Overflow detection is NOT sticky,
i.e. it only tells you the overflow of the LAST operation.
That seems a shame. Since overflow detection is now "scoped" (it only
happens, I presume, inside a call to _overflow) I think it would be
more helpful if it *were* sticky so that
_overflow(x = y * z + w)
returns 1 if any of the operations in the expression overflow.
Again:
short c = (int)b+(int)a;
There are two operations here: "+" and "=".
To know which overflowed we do first the addition
if (!_overflow(b+a))
If that NOT overflows, THEN we test the assignment.
So, presumably, in the case where the assignment can't overflow
(i.e. going back to your original case where all variables where ints)
to set c to a + b whist checking for overflow one has to write:
if (!_overflow(a + b)) c = a + b;
?
Repeating the expression like that looks a little clumsy and error
prone.
I'd favour something more like Keith's proposal (sorry, Keith, I may
have got the details wrong) where the overflow is signalled "out of
band":
bool ovfl;
c = _overflow_checked(a + b, &ovfl);
No. And if there is no flag it emulates the flag in software.
If so, I'll start the whole thing again by
Overflow returns the state of the last operation:
1 if the last operation overflowed, zero if it didn't.
But limited to the evaluation of 'expr'? I am still not clear if
c = a + b;
if (_overflow()) ...
is allowed or not.
Semantics of _overflow()
(1) Operations in the virtual C machine as specified by the
standard can be scheduled in any order between sequence points
if that reordering doesn't affect the outcome as specified
by the programmer
(2) After scheduling operations, they are executed one after the other.
There is a LAST operation then. THAT operation sets the result of
_overflow.
What about x++ and x += e? Is the last operation the addition or the
assignment? What about function calls? Is the last operation the last
arithmetic operation performed by the function, or is it the return
operation? If it is the return, can that overflow?
The user should isolate operations to avoid ambiguities or
false negatives.
Sepantics of
#pragma overflowcheck on/off
Each of the 4 operations in +,-,*,/ are tested for overflow if
signed data is used. If any operation overflows a special
function is called with the line number and file name where
the faulty operation is detected.
The user can redefine the default, compiler provided function.
That default function looks like this:
_overflowHandler(unsigned linenum, char *fileName,...)
{
fprint(stderr,"Overflow at %s line %u\n",fileName,linenum);
abort();
}
I have been repeating that since the beginning but there is no
way that people here seem to understand
The above is new to me. I originally commented on a different proposal.
Even since then, you seem to have changed your mind about the value
checking conversions. I don't think there is, yet, a clear and stable
proposal for anyone to get behind.