The LLVM development list has been having a similar discussion, started by a proposal to essentially follow the Google style guide:
http://lists.llvm.org/pipermail/llvm-dev/2019-June/132890.html The initial email has links you can follow for more information. I recommend starting here: https://www.youtube.com/watch?v=yG1OZ69H_-o&feature=youtu.be&t=2249 Both for the "why is unsigned arithmetic problematic at scale" (spoiler: you can't check for bad things happening automatically) and an example of "what sort of optimizations are you giving up". Chandler (the speaker above) has a response that is worth reading (noting that objections like yours and otherwise are addressed by the links in the original email): http://lists.llvm.org/pipermail/llvm-dev/2019-June/133023.html -Nathan On Thu, Jul 4, 2019 at 2:03 PM Jeff Gilbert <jgilb...@mozilla.com> wrote: > > I really, really like unsigned types, to the point of validating and > casting into unsigned versions for almost all webgl code. It's a huge > help to have a compile-time constraint that values can't be negative. > (Also webgl has implicit integer truncation warnings-as-errors, so we > don't really worry about mixed-signedness) > > If we insist on avoiding standard uint types, I'll be writing uint31_t > wrappers. > > If we're going to recommend against uint types, I would like to see > specific compelling examples of problems with them, not just prose > about "many people say" or "maybe missed optimizations". > > On Thu, Jul 4, 2019 at 8:11 AM Botond Ballo <bba...@mozilla.com> wrote: > > > > On Thu, Jul 4, 2019 at 7:11 AM Henri Sivonen <hsivo...@mozilla.com> wrote: > > > > Do you happen to know why? Is this due to worries about underflow or > > > > odd behavior on subtraction or something? > > > > > > I don't _know_, but most like they want to benefit from optimizations > > > based on overflow being UB. > > > > My understanding is yes, that's one of the motivations. > > > > Another, as hinted at in Gerald's quote, is that tools like UBSan can > > diagnose and catch signed overflow because it's undefined behaviour. > > They can't really do that for unsigned overflow because, since that's > > defined to wrap, for all the tool knows the code author intended for > > the overflow and wrapping to occur. > > > > Cheers, > > Botond > > _______________________________________________ > > dev-platform mailing list > > dev-platform@lists.mozilla.org > > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
