
Subject: Re: [boost] a safe integer library
From: Paul A. Bristow (pbristow_at_[hidden])
Date: 2015-12-10 12:30:47


> -----Original Message-----
> From: Boost [mailto:boost-bounces_at_[hidden]] On Behalf Of Robert Ramey
> Sent: 10 December 2015 07:50
> To: boost_at_[hidden]
> Subject: [boost] a safe integer library
>
> Arithmetic operations in C++ are NOT guaranteed to yield a correct mathematical result. This feature
> is inherited from the early days of C.
> The behavior of int, unsigned int and others were designed to map closely to the underlying
> hardware. Computer hardware implements these types as a fixed number of bits. When the result of
> arithmetic operations exceeds this number of bits, the result will not be arithmetically correct.
>
> I have crafted a library to address this issue once and for all. You can find out more about this by
> checking out the page for Safe Numerics at the boost library incubator. www.blincubator.com
>
> I hereby request that this library be added to the boost review queue.
>
> I've also made a proposal for the C++ Standards committee to include a simplified version of this
> library as part of the C++ standard.
>
> You can see the proposal at
> http://www.rrsd.com/software_development/safe_numerics/proposal.pdf

Detecting and handling overflow (and underflow) is certainly a big missing item with C/C++.

But I'm not sure that your proposal is radical enough.

I'm sure that your solution will work (though I haven't been able to study it in detail yet),
but if you allow definition of a safe minimum and maximum then I fear that you are paying the big
cost in speed that comes from not using the built-in carry bit provided by all the processors that
we care about.

So I fear it is premature until we have solved the problem of detecting overflow and underflow
efficiently.

Lawrence Crowl, Overflow-Detecting and Double-Wide Arithmetic Operations
http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2015/p0103r0.html

This seems something that will allow your solution to be efficient, at least for built-in integral
types?

(And not everyone wants to throw exceptions - even if perhaps many think that they are mad?)

HTH

Paul

---
Paul A. Bristow
Prizet Farmhouse
Kendal UK LA8 8AB
+44 (0) 1539 561830
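As an added example (not code from the original post, from the Safe Numerics library, or from the Crowl paper), here is the shape of an overflow-detecting integer operation in C++: a bool-returning check in the style of GCC/Clang's `__builtin_add_overflow` / `__builtin_mul_overflow`, which the compiler lowers to the hardware overflow/carry flag that the reply above says a fast solution must use, with a portable fallback that never evaluates an undefined signed overflow. On top of the same check sit the two error policies the reply contrasts: return a bool and let the caller decide, or throw. The `checked` namespace and the `EX_HAVE_BUILTIN_OVERFLOW` macro are names chosen for this example.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>
#include <stdexcept>
#include <type_traits>

// Added example, not code from the Safe Numerics library or from the post.
// "Overflow" here means: the exact mathematical result does not fit in T.
// EX_HAVE_BUILTIN_OVERFLOW is a macro name chosen for this example.
#if defined(__has_builtin)
#  if __has_builtin(__builtin_add_overflow) && __has_builtin(__builtin_mul_overflow)
#    define EX_HAVE_BUILTIN_OVERFLOW 1
#  endif
#elif defined(__GNUC__) && (__GNUC__ >= 5)
#  define EX_HAVE_BUILTIN_OVERFLOW 1
#endif
#ifndef EX_HAVE_BUILTIN_OVERFLOW
#  define EX_HAVE_BUILTIN_OVERFLOW 0
#endif

namespace checked {

// Portable fallback: compare against numeric_limits *before* computing, so a
// signed overflow (undefined behaviour in C++) is never actually evaluated.
template <class T>
bool add_overflows_portable(T a, T b, T* out) {
    static_assert(std::is_integral<T>::value, "integral types only");
    using L = std::numeric_limits<T>;
    if (b > 0 ? (a > L::max() - b) : (a < L::min() - b)) return true;
    *out = static_cast<T>(a + b);
    return false;
}

template <class T>
bool mul_overflows_portable(T a, T b, T* out) {
    static_assert(std::is_integral<T>::value, "integral types only");
    using L = std::numeric_limits<T>;
    if (a == 0 || b == 0) { *out = 0; return false; }
    // Divide the limit by one operand instead of multiplying (the CERT INT32-C
    // pattern). L::min() is only ever divided by a positive value, so the
    // INT_MIN / -1 trap cannot occur.
    bool overflow;
    if (a > 0) overflow = (b > 0) ? (a > L::max() / b) : (b < L::min() / a);
    else       overflow = (b > 0) ? (a < L::min() / b) : (b < L::max() / a);
    if (overflow) return true;
    *out = static_cast<T>(a * b);
    return false;
}

// Fast path: GCC/Clang builtins, which the compiler lowers to one add/mul
// plus a test of the hardware overflow/carry flag on x86 and ARM.
template <class T>
bool add_overflows(T a, T b, T* out) {
#if EX_HAVE_BUILTIN_OVERFLOW
    return __builtin_add_overflow(a, b, out);
#else
    return add_overflows_portable(a, b, out);
#endif
}

template <class T>
bool mul_overflows(T a, T b, T* out) {
#if EX_HAVE_BUILTIN_OVERFLOW
    return __builtin_mul_overflow(a, b, out);
#else
    return mul_overflows_portable(a, b, out);
#endif
}

// Second error policy on top of the same check: a thin wrapper that throws,
// for callers who do want exceptions.
template <class T>
T add_or_throw(T a, T b) {
    T r;
    if (add_overflows(a, b, &r)) throw std::overflow_error("integer addition overflows");
    return r;
}

} // namespace checked

int main() {
    int r = 0;
    const int imax = std::numeric_limits<int>::max();
    std::printf("INT_MAX + 1 overflows: %s\n", checked::add_overflows(imax, 1, &r) ? "yes" : "no");
    // Unsigned wraparound is well-defined C++, yet still not the right number.
    unsigned u = std::numeric_limits<unsigned>::max();
    unsigned ur = 0;
    std::printf("UINT_MAX + 1 wraps to %u; detected: %s\n", u + 1u,
                checked::add_overflows(u, 1u, &ur) ? "yes" : "no");
    try {
        checked::add_or_throw(imax, 1);
    } catch (const std::overflow_error& e) {
        std::printf("throwing policy: %s\n", e.what());
    }
    return 0;
}
```

The `*_portable` functions are what a library has to fall back to on a compiler without the builtins; the cost the reply worries about is the extra compares and divisions they do per operation, versus a single flag test when the hardware carry/overflow bit is available.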

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk