On 07.02.2010 18:45, Julien PUYDT wrote:
> Matthieu Fertré wrote:
>
>> I'm quite fed up with integer overflow/wrap. Unsigned integers in
>> particular are particularly dangerous [1]. Last week, I have again fixed
>> a bug related to unsigned int wrap (uint length = 0 - 4, the result of
>> this operation gives a very big number, not zero nor -4)
>>
>> One friend suggests me to implement an UnsignedInt class, redefining
>> operators, so that it ensures that unsigned never becomes negative and
>> launches assertion failure when it happens. Then, we just have to
>> "typedef uint UnsignedInt" instead of "typedef uint unsigned int".
>>
>> Are you ok with that ? (The class may optionally be used only in debug
>> mode)
>>
> Uh... wouldn't it be simpler to enable some compiler warnings on stupid
> integer arithmetic, and fix those places which trigger those?
>
Well. Unfortunately not! We are already using -Wall -Werror -Wextra ...
Such overflow can be detected only at runtime, not at build time. The idea
is of course to fix the places where there are some problems.

> I fear a class for unsigned integers will use more memory and be slower...
>

Yes, definitely! That's why I suggested to use this class only in debug mode.

> Snark
>

Matt (gentildemon)

_______________________________________________
Wormux-dev mailing list
Wormux-dev@gna.org
https://mail.gna.org/listinfo/wormux-dev
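
The debug-only checked wrapper discussed in this thread, as an added example that is not part of the original messages or of the Wormux code base. The `CHECKED_UINT` switch, the `demo` namespace and the `raw`, `payload_length` and `rejected` helpers are hypothetical names, and the sketch throws where the thread proposes an assertion failure.

```cpp
#include <climits>
#include <stdexcept>

#define CHECKED_UINT 1  // hypothetical debug switch; leave undefined in release builds

namespace demo {  // namespace avoids clashing with a system-provided `uint`

// The thread proposes an assertion failure; this sketch throws instead so the
// failure can be observed by a caller.
class UnsignedInt {
    unsigned int v_;
public:
    UnsignedInt(unsigned int v = 0) : v_(v) {}
    UnsignedInt(int v) : v_(static_cast<unsigned int>(v)) {  // catches "0 - 4"
        if (v < 0) throw std::overflow_error("negative value stored in unsigned");
    }
    unsigned int value() const { return v_; }

    friend UnsignedInt operator+(UnsignedInt a, UnsignedInt b) {
        if (a.v_ > UINT_MAX - b.v_) throw std::overflow_error("add wrapped");
        return UnsignedInt(a.v_ + b.v_);
    }
    friend UnsignedInt operator-(UnsignedInt a, UnsignedInt b) {
        if (a.v_ < b.v_) throw std::overflow_error("subtract wrapped below zero");
        return UnsignedInt(a.v_ - b.v_);
    }
    friend UnsignedInt operator*(UnsignedInt a, UnsignedInt b) {
        if (b.v_ != 0 && a.v_ > UINT_MAX / b.v_) throw std::overflow_error("multiply wrapped");
        return UnsignedInt(a.v_ * b.v_);
    }
};

#ifdef CHECKED_UINT
typedef UnsignedInt uint;                               // debug: every operation is checked
inline unsigned int raw(uint u) { return u.value(); }
#else
typedef unsigned int uint;                              // release: plain integer, no overhead
inline unsigned int raw(uint u) { return u; }
#endif

// Constructed example: payload size left after a 4-byte header.
inline uint payload_length(uint packet_len) { return packet_len - 4; }

// True when the checked build rejects the computation instead of wrapping.
inline bool rejected(unsigned int packet_len) {
    try { payload_length(packet_len); return false; }
    catch (const std::overflow_error&) { return true; }
}

}  // namespace demo
```

With `CHECKED_UINT` undefined, `payload_length(0)` silently returns the wrapped value, which is the runtime-only failure the reply describes.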