July 24, 2011
http://d.puremagic.com/issues/show_bug.cgi?id=6377

           Summary: std.conv.to should check range when changing
                    signedness
           Product: D
           Version: D2
          Platform: Other
        OS/Version: Windows
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Phobos
        AssignedTo: nobody@puremagic.com
        ReportedBy: thecybershadow@gmail.com


--- Comment #0 from Vladimir Panteleev <thecybershadow@gmail.com> 2011-07-24 15:54:35 PDT ---
import std.conv, std.exception;

void main()
{
    int b = -1;
    // -1 is not representable as a uint, so the conversion should throw.
    assertThrown!ConvException(to!uint(b));
}

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
July 24, 2011

Jonathan M Davis <jmdavisProg@gmx.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jmdavisProg@gmx.com
           Platform|Other                       |All
         OS/Version|Windows                     |All
           Severity|normal                      |enhancement


--- Comment #1 from Jonathan M Davis <jmdavisProg@gmx.com> 2011-07-24 16:06:40 PDT ---
That's debatable. There _are_ cases where you wouldn't want a negative value to be converted to an unsigned integral value, but there are also cases where you _would_ want it to happen. For better or worse, unsigned integral values implicitly convert to signed integral values of the same size. It ends up using the most basic version of std.conv.to:

T toImpl(T, S)(S value)
    if (isImplicitlyConvertible!(S, T))
{
    return value;
}

This isn't a bug. It _might_ be a change that we want to make, but it's not a bug. This is the expected behavior. You wouldn't get any more of an error if you just assigned to a uint from an int directly.

July 24, 2011

--- Comment #2 from Vladimir Panteleev <thecybershadow@gmail.com> 2011-07-24 16:08:26 PDT ---
I thought the whole point of std.conv.to for integer to integer conversions is to make them safe, and make sure that the value - as interpreted from the source type - can be correctly represented in the destination type. If this isn't the point of std.conv.to, it should be explicitly documented what its goals are, and there should probably be something else in the standard library to facilitate safe integer conversions.

July 24, 2011

--- Comment #3 from Jonathan M Davis <jmdavisProg@gmx.com> 2011-07-24 16:20:40 PDT ---
It depends on what you mean by "safe." When we talk about safe, we usually mean "memory safe," and this conversion is perfectly safe as far as memory goes. And even with regard to other types of safety, converting -1 to uint could still be safe. There are plenty of cases where people do that _on purpose_. Obviously, if you're looking to ensure that negative values aren't converted to unsigned ones, this isn't safe. So, it depends entirely on what you're trying to do. And generally speaking, safe refers to memory safety, and this _is_ safe in that sense. I don't think that we ever actually use the term safe to refer to making sure that a negative value isn't converted to an unsigned value or that an unsigned value which is outside of the range of a signed value isn't converted to a signed one.

Now, std.conv _will_ throw a ConvOverflowException error in cases where you do something like convert an int to a byte when it won't fit, so there's a definite argument that converting from -1 to uint with std.conv.to should throw. But the language itself considers int and uint interchangeable as far as conversions go. No cast is even necessary (while it _would_ be when converting from int to byte).

So, whether to!uint(-1) should throw or not is up for debate. It's completely memory safe, and the language itself has no problem with the conversion and requires no cast. But there are plenty of people who would want it to catch such an overflow just like it would when converting from an int to a byte.

So, this is a perfectly legitimate enhancement request, and we may very well want to change how it acts in this case, but it's not a bug.

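As an added example (this is not code from the thread, from Kenji's patch, or from Phobos), here is the range check the report asks for, written as a stand-alone function beside the unchecked language-level int -> uint conversion that comment #3 describes. `checkedTo` and its nested `overflow` helper are hypothetical names; the only Phobos pieces used are std.conv.ConvOverflowException, std.conv.text, std.conv.to and std.exception.assertThrown. The final assertion assumes a Phobos build that contains the fix recorded at the end of this thread.

```d
// Added example, not code from the issue thread or from Phobos.
// `checkedTo` is a hypothetical name for the range check the thread asks
// std.conv.to to perform when a conversion changes signedness.
import std.conv : ConvOverflowException, text, to;
import std.exception : assertThrown;
import std.traits : isIntegral, isSigned, isUnsigned;

/// Convert `value` to `T`, throwing ConvOverflowException whenever the value,
/// as interpreted in its source type `S`, is not representable in `T`.
T checkedTo(T, S)(S value)
    if (isIntegral!T && isIntegral!S)
{
    // Nested helper so every failure path reports source type, value and target.
    void overflow()
    {
        throw new ConvOverflowException(
            text(S.stringof, " value ", value, " does not fit in ", T.stringof));
    }

    static if (isSigned!S && isUnsigned!T)
    {
        // Signedness change: a negative value has no unsigned representation,
        // even when T is wider than S (int -1 -> ulong would become 2^64 - 1).
        if (value < 0)
            overflow();
        // value is non-negative here, so the mixed-sign comparison is exact.
        if (value > T.max)
            overflow();
    }
    else static if (isUnsigned!S && isSigned!T)
    {
        // T.max is non-negative, so this mixed-sign comparison is exact too.
        if (value > T.max)
            overflow();
    }
    else
    {
        // Same signedness: only narrowing can fail.
        static if (isSigned!S)
            if (value < T.min)
                overflow();
        if (value > T.max)
            overflow();
    }
    return cast(T) value;
}

void main()
{
    int b = -1;

    // What the thread describes: int -> uint needs no cast, and the bit
    // pattern is silently reinterpreted. A negative length or offset that
    // reaches an unsigned parameter this way becomes a very large one.
    uint u = b;
    assert(u == uint.max);

    // The behaviour the enhancement request asks for.
    assertThrown!ConvOverflowException(checkedTo!uint(b));
    assertThrown!ConvOverflowException(checkedTo!ulong(b));   // widening does not help
    assertThrown!ConvOverflowException(checkedTo!int(uint.max));
    assertThrown!ConvOverflowException(checkedTo!byte(128));

    // In-range values convert unchanged, including across a signedness change.
    assert(checkedTo!uint(7) == 7);
    assert(checkedTo!int(uint(42)) == 42);
    assert(checkedTo!byte(-128) == byte.min);

    // With the Phobos fix recorded later in this thread, std.conv.to itself
    // rejects the conversion from the original report.
    assertThrown!ConvOverflowException(to!uint(b));
}
```

Compile and run with `dmd -run checked.d` (any file name will do). The checks are plain asserts in main, so a `-release` build would skip them; the point of the example is the first assignment, which the compiler accepts without a cast and which is exactly the silent reinterpretation that the checked conversion refuses.
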
July 24, 2011

--- Comment #4 from Vladimir Panteleev <thecybershadow@gmail.com> 2011-07-24 16:22:56 PDT ---
OK, I agree completely.

July 25, 2011

bearophile_hugs@eml.cc changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bearophile_hugs@eml.cc


--- Comment #5 from bearophile_hugs@eml.cc 2011-07-25 05:32:10 PDT ---
I approve this enhancement request. In this case if you don't want an error you just don't use to!(). I think to!() is meant to be a safe cast (reminder: safe != memory safe).

July 25, 2011

--- Comment #6 from Jonathan M Davis <jmdavisProg@gmx.com> 2011-07-25 09:07:54 PDT ---
When talking about safe in D, it means memory safe. That's what @safe is for. As such, if you mean something _other_ than memory safe, you need to be more specific. Otherwise, talking about safe becomes kind of meaningless, because it could mean just about anything.

July 25, 2011

Andrei Alexandrescu <andrei@metalanguage.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |andrei@metalanguage.com


--- Comment #7 from Andrei Alexandrescu <andrei@metalanguage.com> 2011-07-25 10:59:52 PDT ---
(In reply to comment #6)
> When talking about safe in D, it means memory safe. That's what @safe is for. As such, if you mean something _other_ than memory safe, you need to be more specific. Otherwise, talking about safe becomes kind of meaningless, because it could mean just about anything.

Agreed. That being said, generally std.conv.to is meant to bring additional protection compared to a cast and to memory safety. Probably rejecting conversion from negative int to uint is a good decision. If one doesn't care, one can always use a cast instead.

August 13, 2011

Kenji Hara <k.hara.pg@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |patch
                 CC|                            |k.hara.pg@gmail.com


--- Comment #8 from Kenji Hara <k.hara.pg@gmail.com> 2011-08-12 21:46:41 PDT ---
https://github.com/D-Programming-Language/phobos/pull/185

September 06, 2011

Kenji Hara <k.hara.pg@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED


--- Comment #9 from Kenji Hara <k.hara.pg@gmail.com> 2011-09-06 02:44:21 PDT ---
https://github.com/D-Programming-Language/phobos/commit/995ddfc3316a6f6c520f84e6b44fb6c6c3c26d63
