Boost logo

Boost :

Subject: Re: [boost] safe integer library -- the scope
From: Robert Ramey (ramey_at_[hidden])
Date: 2015-12-11 20:15:17


On 12/11/15 4:54 PM, Andrzej Krzemienski wrote:

>> In the context of this library the safe_range ... are important for a very
>> special reason. The bounds are carried around with type of expression
>> results. So if I write
>>
>> save<int> a, x, b, y;
>> y = a * x + b;
>>
>> runtime checking will generally have to be performed. But if I happen to
>> know that my variables are limited to certain range.
>>
>> safe_integer_range<-100, 100> a, x, b, y;
>> y = a * x + b;
>>
>> Then it can be known at compile time that y can never overflow so no
>> runtime checking is required. Here we've achieved the holy grail:
>>
>> a) guaranteed correct arithmetic result
>> b) no runtime overhead.
>> c) no exception code emitted.
>> d) no special code - we just write algebraic expressions
>>
>
> How can this be possible? If I assign:
>
> a = 100;
> x = 100;
> b = 100;
>
> then (a * x + b) results 10100 and will overflow upon assignment to y. Or
> am I missing something?

whoops - need to make an adjustment

using safe_t = safe_integer_range<-100, 100, native, trap_exception>;

safe_integer_range<-100, 100> a, x, b, y;
y = a * x + b;

at compile time it detected that the result falls in the range
[-10100, 10100] and that this range is not included in the range
[100, 100]. The trap_exception policy will invoke a static_assert.

Robert Ramey


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk