Hi Paul,

I'd like to understand how much better this "ptrdiff_t world" is.

> This has the advantage that signed integer overflow can be detected 
> automatically on some platforms

You mean "-fsanitize=undefined", right?

Does this also catch the following situations?

  a) Pointer subtraction. ISO C11 § J.2 says:
     "The behavior is undefined in the following circumstances: ...
      The result of subtracting two pointers is not representable in an object
      of type ptrdiff_t (6.5.6)."

  b) When assigning a 'size_t' value > PTRDIFF_MAX to a 'ptrdiff_t' variable,
     is that undefined behaviour? Is that caught by "-fsanitize=undefined"?

Bruno
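
Situations (a) and (b) above can also be guarded by explicit range checks instead of relying on a sanitizer. The following C is an added example, not code from this message or thread; the function names are hypothetical, and it assumes PTRDIFF_MAX <= SIZE_MAX.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption of this example: ptrdiff_t is no wider than size_t. */
_Static_assert(PTRDIFF_MAX <= SIZE_MAX, "example assumes PTRDIFF_MAX <= SIZE_MAX");

/* (b) size_t -> ptrdiff_t. Above PTRDIFF_MAX the converted value is
   implementation-defined (C11 6.3.1.3p3), so test the range first. */
static bool size_to_ptrdiff(size_t n, ptrdiff_t *out)
{
    if (n > (size_t) PTRDIFF_MAX)
        return false;
    *out = (ptrdiff_t) n;
    return true;
}

/* (a) Distance between byte offsets i and j of one object, i.e. what
   (base + i) - (base + j) would yield, without doing a pointer subtraction
   whose result might not fit. Conservatively rejects |i - j| > PTRDIFF_MAX. */
static bool offset_diff(size_t i, size_t j, ptrdiff_t *out)
{
    size_t d = i >= j ? i - j : j - i;   /* unsigned, cannot overflow */
    if (d > (size_t) PTRDIFF_MAX)
        return false;
    *out = i >= j ? (ptrdiff_t) d : -(ptrdiff_t) d;
    return true;
}

/* Signed size arithmetic with the overflow test done before the addition. */
static bool ptrdiff_add(ptrdiff_t a, ptrdiff_t b, ptrdiff_t *out)
{
    if ((b > 0 && a > PTRDIFF_MAX - b) || (b < 0 && a < PTRDIFF_MIN - b))
        return false;
    *out = a + b;
    return true;
}

int main(void)
{
    ptrdiff_t r = 0;
    printf("SIZE_MAX converts: ok=%d\n", size_to_ptrdiff(SIZE_MAX, &r));
    bool ok = offset_diff(3, 10, &r);
    printf("offset 3 - 10: ok=%d r=%td\n", ok, r);
    printf("PTRDIFF_MAX + 1: ok=%d\n", ptrdiff_add(PTRDIFF_MAX, 1, &r));
    return 0;
}
```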

