
Boost : 
From: Ben Hutchings (ben.hutchings_at_[hidden])
Date: 20040927 08:01:34
Matt Hurd <matt.hurd_at_[hidden]> wrote:
> Victor A. Wagner Jr. <vawjr_at_[hidden]> wrote:
> > I don't see the safety issue and what you showed is incorrect;
> > a + (ba) / 2 is at least correct, but ba overflows just as readily
> > as a+b
>
> oops, for sure, ba rather.
>
> I'm missing some understanding, given that b >= a, why is ba just as
> ready to overflow as a+b? I guess you are saying b  a > 2GB
> (typical ptrdiff_t) is just as likely as an overflow from a + b, if
> it was legal, on a common 32 bit platform for example, or have I
> misunderstood?
For any two pointers a, b into the same array, b  a is welldefined,
so a + (b  a) / 2 is as well. (So if ptrdiff_t has n value bits,
arrays must have fewer than 2^(n1) elements.) If a and b don't point
into the same array, b  a is undefined. I don't see any basis for
Victor's statement that "ba overflows".
Given the way pointers are commonly represented, adding them is likely
to result in overflow very often unless one uses extra bits in the
representation of pointer sums. This is not a problem if one sticks
to modulo arithmetic, but it is if one wants to do division.
Ben.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk