Subject: Re: [boost] safe integer library -- the scope
From: Rob Stewart (rob.stewart_at_[hidden])
Date: 2015-12-14 16:01:21


On December 14, 2015 3:23:28 PM EST, Robert Ramey <ramey_at_[hidden]> wrote:
> On 12/14/15 11:15 AM, Rob Stewart wrote:
> > On December 14, 2015 11:39:50 AM EST, Robert Ramey <ramey_at_[hidden]> wrote:
> >>>>>> runtime checking is required. Here we've achieved the holy grail:
> >>>>>>
> >>>>>> a) guaranteed correct arithmetic result
> >>>>>> b) no runtime overhead.
> >>>>>> c) no exception code emitted.
> >>>>>> d) no special code - we just write algebraic expressions
> >>>>>>
> >>>>>> This is the true motivation for safe_..._range
> >>>>
> >>>> Why isn't that the behavior of your safe type in the first place?
> >>
> >> it is
> >
> > I'm confused. If that's the behavior of safe, why do you need safe_..._range?
>
> >> That is,
> >>>> what benefit does your safe type offer that it shouldn't just be supplanted
> >>>> by the range type?
> >>
> >> safe<T> can be used as a drop in replacement for T . safe...range
> >> cannot.
> >
> > Why not?
>
> It's really syntactical sugar
>
> everywhere I use int I can now use safe<int>. Without this, I'd have to write
>
> safe_integer_range<
> std::numeric_limits<int>::min(),
> std::numeric_limits<int>::max()
> >
>
> which would become tedious.

I showed a safe class template, below, that defaulted the min and max to those values, and you said that was "exactly what safe<T> is". If yours has those defaults, then there is no such tedium.

> >>>> However, since min() and max() are now constexpr, that all can be
> >>>> collapsed into a single template with three parameterizing types: the
> >>>> underlying type, the minimum, and the maximum:
> >>>>
> >>>> template
> >>>> <
> >>>> class T
> >>>> , T Min = std::numeric_limits<T>::min()
> >>>> , T Max = std::numeric_limits<T>::max()
> >>>> >
> >>>> class safe;
> >>
> >> That's exactly what safe<T> is.
> >
> > Why doesn't that suffice for all use cases?
>
> Hmm - can I rephrase this question as
>
> what is safe_range<Min, Max> good for?
>
> answer - lots of things
>
> b) The main driver is a case like the following:
>
> int a, x;
> int y = a * x; // possible error
>
> safe<int> a, x;
> safe<int> y = a * x; // possible error - but checked at runtime
>
> safe_integer_range<-10, 10> a, x;
> safe<int> y = a * x; // no runtime checking necessary
>
> though of course something like the following would be useful
>
> using minutes_t = safe_unsigned_range<0, 59>;
>
> There are other examples in the documentation.

I'd expect that from the one safe class template. I'm missing something.

___
Rob

(Sent from my portable computation engine)
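
The compile-time range reasoning discussed in this thread, as an added sketch that is not from either poster and is not Boost's safe<T> or safe_integer_range. The names `ranged`, `needs_check` and `trusted` are hypothetical, and bounds are assumed to fit in int so that all products fit in long long.

```cpp
#include <algorithm>
#include <limits>
#include <stdexcept>
#include <type_traits>

// Hypothetical illustration type, not Boost's safe<T> or safe_integer_range.
// Assumption: bounds fit in int, so values and corner products fit in long long.
template <long long Min = std::numeric_limits<int>::min(),
          long long Max = std::numeric_limits<int>::max()>
class ranged {
    static_assert(Min <= Max, "empty range");
    long long v_;
public:
    struct trusted {};  // tag: caller has already proven the value is in range
    constexpr ranged(long long v, trusted) : v_(v) {}
    // Construction from a raw value is always checked at run time.
    constexpr ranged(long long v) : v_(v) {
        if (v < Min || v > Max) throw std::range_error("value out of range");
    }
    // Converting from [M, N]: a check is needed only if [M, N] is not inside [Min, Max].
    template <long long M, long long N>
    static constexpr bool needs_check() { return M < Min || N > Max; }
    template <long long M, long long N>
    constexpr ranged(ranged<M, N> o) : v_(o.get()) {
        if (needs_check<M, N>() && (v_ < Min || v_ > Max))
            throw std::range_error("value out of range");
    }
    constexpr long long get() const { return v_; }
};

// Interval arithmetic: the extremes of a product are among the four corner products.
template <long long A, long long B, long long C, long long D>
constexpr auto operator*(ranged<A, B> x, ranged<C, D> y) {
    using result = ranged<std::min({A * C, A * D, B * C, B * D}),
                          std::max({A * C, A * D, B * C, B * D})>;
    return result(x.get() * y.get(), typename result::trusted{});
}

int main() {
    ranged<-10, 10> a(7), x(-9);
    static_assert(std::is_same<decltype(a * x), ranged<-100, 100>>::value, "");
    ranged<> y = a * x;  // result range [-100, 100] fits in int: no check needed
    ranged<> b(65536), c(65536);
    try { ranged<> z = b * c; (void)z; }  // result range exceeds int: checked
    catch (const std::range_error&) { return y.get() == -63 ? 0 : 1; }
    return 1;
}
```
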

