--
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposals+unsubscribe@isocpp.org.
To post to this group, send email to std-pr...@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/47e7f79f-8676-4a63-b7d3-09d64219d575%40isocpp.org.
Writing a hypervisor in C++, and at least on Intel that are a lot of things that require 8 and 16 bit integers. To my surprise, this generates a warning about conversions:uint16_t data1 = 1;uint16_t data2 = data1 + 1; // warning on possible overflow
The reason is, in C++, when you perform arithmetic, the compiler is allowed to up-cast for you to an int if it results in a performance improvement. So the compiler changes the result of data1 + 1 to an int, and then complains because you could lose data if you store an int back into something smaller, even though the programmer never intended it to be an int in the first place. The following also fails which gets rid of the 1 which is technically an int (although no warnings are fired when you store 1 into something smaller.. only when you use it in arithmetic):uint16_t data1 = 1;uint16_t data2 = 1;uint16_t data3 = data1 + data2; // warning on possible overflowNow... one might think.. that warning is valid because adding 1 to anything could result in an overflow, except that the same is not true for an int.int data1 = 1;int data2 = 1;int data3 = data1 + data2; // compiles fineHas there ever been a proposal to fix this? At least in our code, this one fix would get rid of a LOT of gsl::narrow_casts as it seems to me the warning is a bit overkill as the programmer's intent is valid, it's the compiler doing wonky things.Thanks a ton,- Rian
--
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposals+unsubscribe@isocpp.org.
To post to this group, send email to std-pr...@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/47e7f79f-8676-4a63-b7d3-09d64219d575%40isocpp.org.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposal...@isocpp.org.
To post to this group, send email to std-pr...@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/47e7f79f-8676-4a63-b7d3-09d64219d575%40isocpp.org.
On 2016–10–19, at 8:31 PM, dgutson . <daniel...@gmail.com> wrote:On Tue, Oct 18, 2016 at 8:11 PM, <rian...@gmail.com> wrote:Writing a hypervisor in C++, and at least on Intel that are a lot of things that require 8 and 16 bit integers. To my surprise, this generates a warning about conversions:uint16_t data1 = 1;uint16_t data2 = data1 + 1; // warning on possible overflowInterestingly, g++ (5.4) does not complain with that snippet, until you do { } initialization:
On 2016–10–19, at 8:31 PM, dgutson . <daniel...@gmail.com> wrote:On Tue, Oct 18, 2016 at 8:11 PM, <rian...@gmail.com> wrote:Writing a hypervisor in C++, and at least on Intel that are a lot of things that require 8 and 16 bit integers. To my surprise, this generates a warning about conversions:uint16_t data1 = 1;uint16_t data2 = data1 + 1; // warning on possible overflowInterestingly, g++ (5.4) does not complain with that snippet, until you do { } initialization:I tried GCC and Clang with -Wall -Wextra -Woverflow -Wnarrowing and couldn’t get any diagnoses.With braces, the narrowing conversion makes the program ill-formed.
It is conforming to issue a warning for an ill-formed program, but it is nonconforming to be quiet. The standard doesn’t usually differentiate between error messages and warning messages.To silence the warning requires a static_cast on the sum: data2{ static_cast< uint16_t >( data1 + 1 ) }.It would be nice to redo C++ without integer promotion, but perhaps allowing the same optimization as a matter of undefined overflow, much as floating-point computations don’t have guaranteed imprecision. Unfortunately, we’re pretty much stuck with it.
--
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposals+unsubscribe@isocpp.org.
To post to this group, send email to std-pr...@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/15C675BC-1FAC-4196-9978-FAB54B0DE897%40gmail.com.
On Wed, Oct 19, 2016 at 9:55 AM, David Krauss <pot...@gmail.com> wrote:On 2016–10–19, at 8:31 PM, dgutson . <daniel...@gmail.com> wrote:On Tue, Oct 18, 2016 at 8:11 PM, <rian...@gmail.com> wrote:Writing a hypervisor in C++, and at least on Intel that are a lot of things that require 8 and 16 bit integers. To my surprise, this generates a warning about conversions:uint16_t data1 = 1;uint16_t data2 = data1 + 1; // warning on possible overflowInterestingly, g++ (5.4) does not complain with that snippet, until you do { } initialization:I tried GCC and Clang with -Wall -Wextra -Woverflow -Wnarrowing and couldn’t get any diagnoses.With braces, the narrowing conversion makes the program ill-formed.Is this ill-formed?uint16_t data2{data1 + uint16_t(1)};Accordint to what paragraph?
It is conforming to issue a warning for an ill-formed program, but it is nonconforming to be quiet. The standard doesn’t usually differentiate between error messages and warning messages.To silence the warning requires a static_cast on the sum: data2{ static_cast< uint16_t >( data1 + 1 ) }.It would be nice to redo C++ without integer promotion, but perhaps allowing the same optimization as a matter of undefined overflow, much as floating-point computations don’t have guaranteed imprecision. Unfortunately, we’re pretty much stuck with it.
--
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposal...@isocpp.org.
To post to this group, send email to std-pr...@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/15C675BC-1FAC-4196-9978-FAB54B0DE897%40gmail.com.
Is this ill-formed?uint16_t data2{data1 + uint16_t(1)};Accordint to what paragraph?
Is this ill-formed?uint16_t data2{data1 + uint16_t(1)};Accordint to what paragraph?[dcl.init.list]/3.7:— Otherwise, if the initializer list has a single element of type E and either T is not a reference type or itsreferenced type is reference-related to E, the object or reference is initialized from that element (bycopy-initialization for copy-list-initialization, or by direct-initialization for direct-list-initialization); if anarrowing conversion (see below) is required to convert the element to T, the program is ill-formed.[ Example:int x1 {2}; // OKint x2 {2.0}; // error: narrowing—end example ]Where a narrowing conversion includes conversions
— from an integer type or unscoped enumeration type to an integer type that cannot represent all thevalues of the original type, except where the source is a constant expression whose value after integralpromotions will fit into the target type
.
--
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposals+unsubscribe@isocpp.org.
To post to this group, send email to std-pr...@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/6daefe47-c583-4283-95cf-cdef3a75808d%40isocpp.org.
Awesome, yeah that's what I wanted to clarify as others have blamed it on the spec, so i wanted to get this clarified before reporting a bug.
--
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposals+unsubscribe@isocpp.org.
To post to this group, send email to std-pr...@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/37a83997-8e2c-4da1-ad8d-cdf04b83c7cd%40isocpp.org.
Actually, the compiler is required to perform the cast to int, due to integer
promotion rules. But the operation doesn't change either way.
Indeed, this causes a signed integer overflow, which is UB.
If you'd written:
x *= unsigned(x);
Then this is no longer UB.
I think it does. The point is that the operation is always done on int on
those machines, whether you want it or not (and RISC machines are still the
majority, despite my employer's best efforts). So the standard says that the
compiler does not have to emulate whatever behaviour would be necessary for
lesser-ranked types.
I can't think of which operation would be different on 16-bit than on 32-bit,
but that doesn't mean one doesn't exist.