<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
Sorry, not literals.<BR>
<BR>
How do I write correct portable code to test if a Word is greater than -FIRST(INTEGER)?<BR>
<BR>
How do I express -FIRST(INTEGER)? Without incurring signed overflow<BR>
while evaluating the constant expression?<BR>
<BR>
For a one's complement system, nothing wrong with -FIRST(INTEGER).<BR>
It equals LAST(INTEGER).<BR>
<BR>
But for a two's complement system, evaluating -FIRST(INTEGER)<BR>
incurs overflow.<BR>
<BR>
Maybe:<BR>
Word.Add(-(FIRST(INTEGER) + 1)), 1)<BR>
<BR>
?<BR>
<BR>
Probably. I'll try that.<BR>
<BR>
You know, C has the same dilemna and similar solution.<BR>
not a great idea to write<BR>
unsigned u = (unsigned)-INT_MIN;<BR>
<BR>
nor<BR>
<BR>
unsigned u = -(unsigned)INT_MIN;<BR>
<BR>
though the second is maybe ok.<BR>
The first incurs signed overflow in C as well.<BR>
Which isn't defined. The first also gets a warning<BR>
with some compilers: "negating unsigned is still unsigned".<BR>
<BR>
An idiom is<BR>
unsigned u = ((unsigned)-(INT_MIN + 1)) + 1;<BR>
<BR>
derivation:<BR>
INT_MIN + 1 yields a negative number that can be safely negated.<BR>
Which yields a positive number one less than the desired value.<BR>
<BR>
<BR>
- Jay<BR><BR>
<HR id=stopSpelling>
Subject: Re: [M3devel] the meaning of -FIRST(INTEGER)?<BR>From: hosking@cs.purdue.edu<BR>Date: Fri, 22 Jan 2010 18:52:05 -0500<BR>CC: rodney_bates@lcwb.coop; m3devel@elegosoft.com<BR>To: jay.krell@cornell.edu<BR><BR><BASE><SPAN style="FONT-FAMILY: Times" class=ecxApple-style-span>
<DIV><SPAN style="FONT-FAMILY: Helvetica" class=ecxApple-style-span>
<DIV><SPAN style="TEXT-TRANSFORM: none; TEXT-INDENT: 0px; BORDER-COLLAPSE: separate; FONT: medium Helvetica; WHITE-SPACE: normal; LETTER-SPACING: normal; WORD-SPACING: 0px" class=ecxApple-style-span>
<DIV style="FONT-FAMILY: Verdana; FONT-SIZE: 10pt" class=ecxhmmessage>
<DIV>There's no language hole! Unsigned literals and unsigned constant expressions can easily be handled.</DIV>
<DIV><BR></DIV>
<DIV>Literals:</DIV></DIV></SPAN></DIV></SPAN></DIV>
<DIV><BR></DIV>If no explicit base is present, the value of the literal must be at most <TT>LAST(INTEGER)</TT>. If an explicit base is present, the value of the literal must be less than<TT>2^Word.Size</TT>, and its interpretation uses the convention of the <A href="http://www.cs.purdue.edu/homes/hosking/m3/reference/word-intf.html"><TT>Word</TT></A> interface. For example, on a sixteen-bit two's complement machine, <TT>16_FFFF</TT> and <TT>-1</TT>represent the same value.</SPAN><BR><BR>
<DIV>
<DIV>Constant expressions:</DIV>
<DIV><BR></DIV>
<DIV>CONST x = Word.Plus(16_FFFF, 1)</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV>On 22 Jan 2010, at 17:51, Jay K wrote:</DIV><BR class=ecxApple-interchange-newline>
<BLOCKQUOTE><SPAN style="TEXT-TRANSFORM: none; TEXT-INDENT: 0px; BORDER-COLLAPSE: separate; FONT: medium Helvetica; WHITE-SPACE: normal; LETTER-SPACING: normal; WORD-SPACING: 0px" class=ecxApple-style-span>
<DIV style="FONT-FAMILY: Verdana; FONT-SIZE: 10pt" class=ecxhmmessage>I think there is a language hole here.
<DIV>The language should perhaps allow for</DIV>
<DIV>unsigned literals and unsigned constant</DIV>
<DIV>expressions.</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV>Something I don't quite have my head around as well,</DIV>
<DIV>maybe a language/library hole, is how to do</DIV>
<DIV>e.g. the below, without assuming two's complement</DIV>
<DIV>representation of signed integers.</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV>Can we maybe add Word.AbsoluteValueOfInteger?</DIV>
<DIV>The implementation would, roughly:</DIV>
<DIV> IF i < 0 THEN </DIV>
<DIV> i := -i;</DIV>
<DIV> END;</DIV>
<DIV> RETURN i;</DIV>
<DIV> END;</DIV>
<DIV><BR></DIV>
<DIV>with the extra qualification that overflow is silent</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV> > But surely, we could agree that compile time<BR style="TEXT-INDENT: 0in !important"> > arithmetic should do the same thing as runtime would, for a given<BR style="TEXT-INDENT: 0in !important"> > implementation.</DIV>
<DIV><BR></DIV>
<DIV>Uh huh. This is why you need *different types* (or interfaces)</DIV>
<DIV>for the variety of integer overflow behavior and not a runtime</DIV>
<DIV>setting. Otherwise the compiler can't know what the</DIV>
<DIV>runtime behavior is.</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV>As well, using static typing instead of a runtime setting,</DIV>
<DIV>allows for efficiency. Imagine, say, if x86 does require</DIV>
<DIV>extra code to check for overflow.</DIV>
<DIV>Well, if using "integer-with-silent-overflow", that</DIV>
<DIV>would be omitted. If using "integer-with-overflow"</DIV>
<DIV>the code would be included.</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV>I introduce the error. It used to be silent.</DIV>
<DIV>I changed it to a warning, for the</DIV>
<DIV>very specific case of negating FIRST(INTEGER).</DIV>
<DIV>Any other overflow here, which is probably not</DIV>
<DIV>possible, will still error.</DIV>
<DIV><BR></DIV>
<DIV> - Jay<BR><BR><BR>> Date: Fri, 22 Jan 2010 19:56:37 +0000<BR>> From:<SPAN class=ecxApple-converted-space> </SPAN><A href="mailto:rodney_bates@lcwb.coop">rodney_bates@lcwb.coop</A><BR>> To:<SPAN class=ecxApple-converted-space> </SPAN><A href="mailto:m3devel@elegosoft.com">m3devel@elegosoft.com</A><BR>> Subject: Re: [M3devel] the meaning of -FIRST(INTEGER)?<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> ><BR>> > So..I have m3back using Target.Int a bunch.<BR>> ><BR>> > And converting back and forth some between Target.Int and<BR>> ><BR>> > INTEGER and doing match with Target.Int.<BR>> ><BR>> > And various operations can fail.<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > And my current diff results in:<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > new source -> compiling Lex.m3<BR>> > "..\src\fmtlex\Lex.m3", line 227: doneg: Negate overflowed<BR>> > "..\src\fmtlex\Lex.m3", line 343: doneg: Negate overflowed<BR>> > 2 errors encountered<BR>> > new source -> compiling Scan.i3<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > which is nice to see, it means my code is actually running.<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > So I look at the code in question:<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > PROCEDURE ReadNumber(rd: Rd.T; defaultBase: [2..16]; signed: BOOLEAN):<BR>> > Word.T<BR>> > VAR c: CHAR; sign: [0..1]; res: Word.T; BEGIN<BR>> > ...<BR>> ><BR>> > IF signed AND<BR>> > ((sign = 0 AND Word.GT(res, LAST(INTEGER))) OR<BR>> > (sign = 1 AND Word.GT(res, -FIRST(INTEGER)))) THEN<BR>> > RAISE FloatMode.Trap(FloatMode.Flag.IntOverflow)<BR>> > ....<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > -FIRST(INTEGER).<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > What is that supposed to do?<BR>> ><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > I mean, I kind of know, I'm slightly playing stupid, partly not.<BR>> ><BR>> > Does the compiler know what is an INTEGER vs. what is a "Word"?<BR>> ---------------------------------------------------------Word.T?<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> No, they are the same type.<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> > Or it is just obligated to assume everything is a Word?<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> It is obligated to do the builtin operators (unary - being one<BR>> of these) using signed interpretation of the value and functions<BR>> in Word using unsigned interpretation.<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> The signed operators don't assume anything about the machine<BR>> representation. The functions in Word do assume two-s complement<BR>> binary, in order to be defined. This is a low-level facility.<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> > To do the negation at compile time and ignore the overflow?<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> This may be poorly specified. The code sample you cite clearly assumes<BR>> this is what it does. The compile errors indicate the assumption<BR>> has become wrong.<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> > Does the language need work here?<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> Overflow detection wars! But surely, we could agree that compile time<BR>> arithmetic should do the same thing as runtime would, for a given<BR>> implementation.<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> > I mean, like, -FIRST(INTEGER), that is a problematic expression, isn't it?<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> Yes, it's a statically unconditional overflow, and the language doesn't<BR>> specify what happens.<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> As long as we are assuming two-s complement binary, I would just remove<BR>> the - in front of FIRST(INTEGER). If the compiler does not consider it<BR>> and overflow error and wraps around, in this particular case, the - is<BR>> an identity operation on the bits. Maybe the writer intended the -<BR>> to hint to a human reader that unsigned interpretation is about to be<BR>> applied to this value.<BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>> ><BR>> ><BR>> ><BR>> ><BR>> > - Jay<BR>> ><BR>> ><BR>> ><BR>><SPAN class=ecxApple-converted-space> </SPAN><BR>><SPAN class=ecxApple-converted-space> </SPAN><BR></DIV></DIV></SPAN></BLOCKQUOTE></DIV><BR> </body>
</html>