Hello! Just wish to chime in with my 2c... Would the proposed shift towards signed types only be for larger values (eg, >= 32 bits)?
Audio and rendering code would still require using unsigned types, especially when packed into buffers. (eg, 8-bit unsigned color components, 32-bit packed RGBA values, 16-bit audio samples). If just talking about improving bounds checking for array counts, and loop iterators, this would be a different story... If we were to replace uint64_t and size_t with int64_t's, would we take such bounds checking further and check for other wrap-around issues inherent to such signed / 2's compliment values? Would such checks be more effective than just asserting that a uint64_t isn't greater than the expected maximum value to catch wraparound? - Kip On Fri, Jul 5, 2019 at 11:15 AM Chris Peterson <cpeter...@mozilla.com> wrote: > On 7/5/2019 10:39 AM, Gijs Kruitbosch wrote: > >> FWIW once in a while I have come across bugs caused by truncation of > >> integers where someone picked a specific size that was too small also, > >> e.g. > >> storing an offset into a text node in a 16-bit integer. I think that's > >> maybe something that's hiding between the lines there, being careful > with > >> that direction also if you pick a type with a specific size to make sure > >> your type is large enough. > > > > Yep. Recent example: > https://bugzilla.mozilla.org/show_bug.cgi?id=1556019 . > > If integer truncation bugs are something we're really concerned about, > clang 8 added a new -Wimplicit-int-conversion (and > -Wimplicit-float-conversion) warning. Unfortunately, there are a couple > thousand instances of these warnings in mozilla-central. I don't know if > fixing them is practical, but they could be selectively enabled (or > disabled) for individual directories. > > > https://clang.llvm.org/docs/DiagnosticsReference.html#wimplicit-int-conversion > > warning: higher order bits are zeroes after implicit conversion > warning: implicit conversion loses integer precision: A to B > > warning: implicit conversion loses floating-point precision: A to B > warning: implicit conversion when assigning computation result loses > floating-point precision: A to B > _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
