From: alexfrunews@gmail.com
Newsgroups: comp.compilers
Subject: Re: Optimization techniques
Date: Fri, 26 Apr 2019 01:33:48 -0700 (PDT)
Organization: Compilers Central
Message-ID: <19-04-025@comp.compilers>
References: <72d208c9-169f-155c-5e73-9ca74f78e390@gkc.org.uk> <19-04-020@comp.compilers>
Keywords: optimize, design
Posted-Date: 26 Apr 2019 15:11:44 EDT

On Thursday, April 25, 2019 at 1:14:54 PM UTC-7, Martin Ward wrote:
...
> With the current situation, anyone wanting to avoid
> undefined behaviour (and don't we all?) has to write code like
> this for any signed operation:
>
> signed int sum;
> if (((si_b > 0) && (si_a > (INT_MAX - si_b))) ||
>     ((si_b < 0) && (si_a < (INT_MIN - si_b)))) {
>     /* Handle error */
> } else {
>     sum = si_a + si_b;
> }

In this day and age it is a shame that the language that is still very
much alive does not provide the programmer with easy-to-use (and
implement!) tools to perform/handle:
- overflow checks like the above for +, -, *, /, %, <<, both signed and
  unsigned
- mathematically meaningful comparison of signed and unsigned integers
- arithmetic right shift out of the box
- ditto rotation
- arbitrary precision arithmetic (for integers of compile-time-constant
  length)
- endianness at last
- (I probably forget many more)

Often times the desired functionality is already in the CPU or needs
just a few more instructions but there's no simple, short and standard
way to tell the compiler to generate the code for the common problem.
It's always compiler extensions (or dependencies on specific compilers),
#ifdefs, inline (and non-inline) assembly, code like shown above,
reinvented wheels all the way, over and over again, from project to
project.

I understand that C is minimalistic, but I think it needs to step up a
bit. When I'm handling arbitrary, potentially maliciously crafted data,
I want to have those overflow checks, but I don't want to be burdened
with what the compiler can easily do for me but fails to deliver year
after year just because it's not in the language. What may have been
deemed sufficient back in the 80's is no more. Because the Internet.
Deprecating gets() is nice but doesn't quite cut it.

Alex
P.S. this should've probably gone to some C group.