Comments (8)
gcc also supports them:
https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html
from cppcoreguidelines.
While the stated issue is true, it is not the only one. I even think that we can prove any software to be a failure under a specific condition. The opposite is also true. In a way we can enter an endless discussion. Hence we should constrain ourselves to the given topic. The topic for which this example is given is "consider post condition". I guess this note is relevant for each point in this guide though. Best regards.
from cppcoreguidelines.
The text explicitly talks about checking for an overflow, though. Then I would expect the check to be valid C++ code:
We also left out the postcondition specification, so it is not obvious that the algorithm ( height * width ) is wrong for areas larger than the largest integer. Overflow can happen
from cppcoreguidelines.
You are right. The example could be improved in that sense. My point was just to underline the intention of the code, not its specific implementation.
from cppcoreguidelines.
Discussed on 11/30/2015.
from cppcoreguidelines.
Not all overflows are equal: integers used as indexes or buffer lengths are the ones you most care about as they affect memory or bounds safety.
There are cases where there are real issues--what should people write? It might make sense for the GSL to provide a mechanism to perform these operations that might overflow for signed integers. In the Guidelines we can direct people when to use these support functions.
The design issue is that if overflow is significant here, shouldn't it be an Expects rather than Ensures?
A safe_integer type may be desirable here--a type that you know has not overflowed. There are a few options out here--GDR, Neil, can you look at these? We should favor one that has a clean interface at the time being. Please also include a proposal as to whether this uses contracts internally and what level of control the user has over checking.
Decision: We'll have a discussion note about what to do about overflows and undefined behavior.
Thank you for raising this issue, @Kristine1975. We'll create a discussion section.
from cppcoreguidelines.
Regarding safe_integer library, I think this one is worth a look: http://doublewise.net/c++/bounded/ - I haven't used it in a big project though.
Regarding the checks: I think the typical way to check those things would look something like this:
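```cpp
#include <limits>
#include <gsl/gsl>  // Expects / Ensures
int area(int height, int width)  // signature assumed from the guideline example under discussion
{
    Expects(height >= 0);
    Expects(width >= 0);
    // Division pre-check: the product fits only if width <= max / height
    Expects(height == 0 || std::numeric_limits<int>::max() / height >= width);
    int res = height * width;
    Ensures(res >= 0);
    return res;
}
```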
In essence: you check the inverse operation with the maximal value a type can have. As you can see, it is quite a mouthful and hence I find it unlikely that it will get widespread use unless those checks are encapsulated in a type (and even then, the overhead might be forbidding in some cases).
from cppcoreguidelines.
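An added example, not code from the thread or from the GSL: the division pre-check above generalized to all sign combinations, next to the GCC/Clang `__builtin_mul_overflow` builtin linked in the first comment. The names `mul_would_overflow`, `checked_area` and `checked_area_builtin` are hypothetical, and the sample values assume a 32-bit `int`.

```cpp
#include <cstdio>
#include <limits>

// Portable pre-check: decides whether a * b fits in int without performing
// the multiplication, because signed overflow is undefined behavior.
bool mul_would_overflow(int a, int b) {
    constexpr int max = std::numeric_limits<int>::max();
    constexpr int min = std::numeric_limits<int>::min();
    if (a == 0 || b == 0) return false;
    if (a > 0) {
        return b > 0 ? a > max / b    // positive * positive
                     : b < min / a;   // positive * negative
    }
    return b > 0 ? a < min / b        // negative * positive
                 : b < max / a;       // negative * negative
}

// Rejects negative sides and products that do not fit; writes out only on success.
bool checked_area(int height, int width, int& out) {
    if (height < 0 || width < 0) return false;
    if (mul_would_overflow(height, width)) return false;
    out = height * width;
    return true;
}

// Same contract using the compiler builtin (GCC and Clang only).
bool checked_area_builtin(int height, int width, int& out) {
    if (height < 0 || width < 0) return false;
    int res = 0;
    if (__builtin_mul_overflow(height, width, &res)) return false;
    out = res;
    return true;
}

int main() {
    // Constructed sample inputs: 46340^2 fits in a 32-bit int, 46341^2 does not.
    const int samples[][2] = {{3, 4}, {46340, 46340}, {46341, 46341}, {-1, 5}};
    for (const auto& s : samples) {
        int a = 0, b = 0;
        bool ok_a = checked_area(s[0], s[1], a);
        bool ok_b = checked_area_builtin(s[0], s[1], b);
        std::printf("%d x %d: portable=%s builtin=%s\n", s[0], s[1],
                    ok_a ? "ok" : "rejected", ok_b ? "ok" : "rejected");
    }
    return 0;
}
```

Both variants reject the input before the undefined multiplication is evaluated, which is the property that matters when the result feeds an index or buffer length.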
We looked at this again today, but we've decided we need to postpone any action while we discuss Contracts in the C++ Standards Committee. This issue raises one of the most subtle points of Contracts.
from cppcoreguidelines.