SafeInt 3.0.13

Rating: No reviews yet
Downloads: 95
Released: Feb 12, 2010
Updated: Feb 13, 2010 by dcleblanc
Dev status: Stable Help Icon

Recommended Download

Application safeint3.hpp
application, 203K, uploaded Feb 13, 2010 - 36 downloads

Other Available Downloads

Application TestMain.cpp
application, 4K, uploaded Feb 12, 2010 - 16 downloads
Application MultVerify.cpp
application, 56K, uploaded Feb 12, 2010 - 15 downloads
Source Code SafeIntTest.cpp
source code, 7K, uploaded Feb 12, 2010 - 13 downloads
Source Code SafeIntGcc.hpp
source code, 1K, uploaded Feb 12, 2010 - 15 downloads

Release Notes

This version of SafeInt corrects a problem where various partial specializations dealing with 64-bit ints were over-specified. The error was that the method enum was forcing the parameter to an int64 or unsigned int64, but the specialization still required an int64. This isn't an issue on the Microsoft compiler where 'long long' == int64, but on the gcc compiler, you could have long, long long, or long int, which are all really int64, but the compiler sees it as different types. This is actually an improvement - makes the code more flexible and correct overall.

For example:

This implies that T == unsigned int64, U == unsigned int64 (or equivalent)
template < > class MultiplicationHelper< unsigned int64, unsigned int64, MultiplicationState_Uint64Uint64 >

This is the fixed version - we didn't need to restrict T, U to just unsigned int64
template < typename T, typename U > class MultiplicationHelper< T, U, MultiplicationState_Uint64Uint64 >

Note - updated as of 2/9 to fix typo that was causing it not to compile, but it looks like I'm the only one downloading it, so...

Perhaps 13 is really an unlucky number - fixed a 2nd typo, and apparently somehow lost all my intrinsics changes on my home dev box. I'll do that on 3.0.14, coming shortly

The verification class is complete, but it did catch one bug - repro looks like this:

SafeInt<int> si(-1);

si *= (unsigned int64)0x80000000;

Should succeed, previously would fail.

Version 3.0.12p release notes -

This release fixes the issues reported by Niels Dekker regarding standards compliance, as well as fixes for the floating point operators.

It also adds support for gcc 4.3.2, and creates the start of a test harness.

12/3/08 - Uploaded new copy of SafeIntTest.cpp - there was a typo on one of the lines that amazingly enough actually compiled. Still compiles, so no harm done.

Note - Seems that the MacOS gcc may not be the most current, and this does not compile correctly on MacOS. Seems to get confused by:

SafeInt<T>& operator %=(SafeInt<U> su)
U operator %=(SafeInt<T>)

when supplied with 2 SafeInts, despite the fact that the first is an exact match. We may be able to get it working by removing some operators.

Additionally, I've created SafeIntGcc.hpp, which needs to be included before SafeInt3.hpp. It is used to set up #defines to allow use of int8, int16, int32 and int64, which are all Microsoft-specific.

The Microsoft compiler is also happy with ptrdifft, where gcc on Linux seems to want <cstddef> included, and gcc also doesn't seem to natively know about intptrt or uintptr_t - there could be better ways to get these set up than what I've done here.

The compile test harness now effectively compiles every method using every appropriate combination of types. Some minor tweaks had to be made to make gcc happy with various things, but runtime behavior has not been changed.

Two elements of the test harness remain to be created:
1) Test all of the enums used for partial template specialization to ensure full coverage. This has been done in the internal Microsoft test harness, but an external version should be created in case someone wants to branch the code.
2) Full runtime checking of all operations. This is a large work item.

Because there is now full compile-time coverage under gcc, this is now getting moved to released stage.

Reviews for this release

No reviews yet for this release.