Boost logo

Boost :

Subject: Re: [boost] safe integer library -- the scope
From: Robert Ramey (ramey_at_[hidden])
Date: 2015-12-14 15:23:28


On 12/14/15 11:15 AM, Rob Stewart wrote:
> On December 14, 2015 11:39:50 AM EST, Robert Ramey <ramey_at_[hidden]> wrote:
>>>>>> runtime checking is required. Here we've achieved the holy
>> grail:
>>>>>>
>>>>>> a) guaranteed correct arithmetic result
>>>>>> b) no runtime overhead.
>>>>>> c) no exception code emitted.
>>>>>> d) no special code - we just write algebraic expressions
>>>>>>
>>>>>> This is the true motivation for safe_..._range
>>>>
>>>> Why isn't that the behavior of your safe type in the first place?
>>
>> it is
>
> I'm confused. If that's the behavior of safe, why do you need safe_..._range?

>
>> That is,
>>>> what benefit does your safe type offer that it shouldn't just be
>> supplanted
>>>> by the range type?
>>
>> safe<T> can be used as a drop in replacement for T . safe...range
>> cannot.
>
> Why not?

It's really syntactical sugar

everywhere I int I can now use safe<int>. Without this, I'd have to write

safe_integer_range<
     std::numeric_limits<int>::min(),
     std::numeric_limits<int>::max()
>

which would become tedious.

>
>>>> However, since min() and max() are now constexpr, that all can be
>>>> collapsed into a single template with three parameterizing types:
>> the
>>>> underlying type, the minimum, and the maximum:
>>>>
>>>> template
>>>> <
>>>> class T
>>>> , T Min = std::numeric_limits<T>::min()
>>>> , T Max = std::numeric_limits<T>::max()
>>>>>
>>>> class safe;
>>
>> That's exactly what safe<T> is.
>
> Why doesn't that suffice for all use cases?

Hmm - can I rephrase this question as

what is safe_range<Min, Max> good for?

answer - lot's of things

b) The main driver is a case like the following:

int a, x
int y = a * x; // possible error

safe<int> a, x;
safe<int> y = a * x; // possible error - but checked at runtime

safe_integer_range<-10, 10> a, x;
safe<int> y = a * x; // no runtime checking necessary

though of course something like the following would be useful

using minutes_t = safe_unsigned_range<0, 59>

There are other examples in the documentation.

Robert Ramey


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk