[m-dev.] for review: change semantics of integer shifts

Fergus Henderson fjh at cs.mu.OZ.AU
Fri Mar 19 16:17:13 AEDT 1999


On 19-Mar-1999, Simon Taylor <stayl at cs.mu.OZ.AU> wrote:
>  
> +% File: int.m.
>  % Main authors: conway, fjh.
>  % Stability: medium.
>  %
> +% Predicates and functions for dealing with machine-size integer numbers.
> +%
> +% The predicates and functions in this module do not check for overflow.
> +% The behaviour of a computation for which overflow occurs is undefined.
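Review bot: the last added line, "The behaviour of a computation for which overflow occurs is undefined.", does not say what counts as overflow for the operations in this module. Spell it out per operation, and for the shift operators state whether a negative shift count or a count at least as large as the word size is defined or falls under this clause, so that callers know which inputs they must range-check themselves.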

I think the sentence "The predicates and functions in this module do not
check for overflow." is over-specification -- we might want to change
that in some future release.  So I suggest the following instead:

% The behaviour of a computation for which overflow occurs is undefined.
% (In the current implementation, the predicates and functions in this
% module do not check for overflow, and the results you get are those
% delivered by the C compiler.  However, future implementations
% might check for overflow.)

...
> +++ shift_test.m	Thu Mar 18 12:15:40 1999
> +main -->
> +	shift_test((<<), "<<", 64, 2, 256),
> +	shift_test((<<), "<<", -64, 2, -256),
> +	shift_test((<<), "<<", 64, -2, 16),
> +	shift_test((<<), "<<", -64, -2, -16),
> +	shift_test((<<), "<<", 64, 256, 0),		<=== here
> +	shift_test((<<), "<<", 64, -256, 0),	
> +	shift_test((<<), "<<", -64, 256, 0),		<=== here
> +	shift_test((<<), "<<", -64, -256, -1),
> +	shift_test((>>), ">>", 64, 2, 16),
> +	shift_test((>>), ">>", -64, 2, -16),
> +	shift_test((>>), ">>", 64, -2, 256),
> +	shift_test((>>), ">>", -64, -2, -256),
> +	shift_test((>>), ">>", 64, 256, 0),
> +	shift_test((>>), ">>", 64, -256, 0),		<=== here
> +	shift_test((>>), ">>", -64, 256, -1),
> +	shift_test((>>), ">>", -64, -256, 0),		<=== here
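Review bot: the expected value -1 in the `-64 << -256` and `-64 >> 256` cases depends on right shifts of negative numbers filling with the sign bit, and nothing in the test says so. Add a comment stating that rule next to those cases. The only over-wide count exercised is 256, so also add cases at the boundary itself (a count equal to the number of bits in an int, and one less) to cover the edge of the defined range.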

The tests marked "<=== here" above all have undefined behaviour
according to the specification, because they cause overflow.
So either you should not test those cases, or if you do, then you
should separate out those tests and clearly document that these tests
are testing something which is not specified by the specification.

It would be a good idea to test shifting values left or right by zero bits.
It would also be a good idea to test shifting values that are not an
exact power of two.

-- 
Fergus Henderson <fjh at cs.mu.oz.au>  |  "I have always known that the pursuit
WWW: <http://www.cs.mu.oz.au/~fjh>  |  of excellence is a lethal habit"
PGP: finger fjh at 128.250.37.3        |     -- the last words of T. S. Garp.
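
The message above notes that the current results are "those delivered by the C compiler". As an added example (not part of the original message and not Mercury's code), here is one way to write shifts in C that are defined for every count and reproduce the expected values in the quoted test table. The names `shift_left`, `shift_right`, `ashr`, `shl`, `flip` and `WORD_BITS` are assumptions made for this sketch, and the results chosen for the cases marked "<=== here" are the table's, not something the specification guarantees.

```c
#include <limits.h>
#include <stdio.h>

#define WORD_BITS ((long)(sizeof(long) * CHAR_BIT))

/* Arithmetic right shift, defined for every count n >= 0. */
long ashr(long x, long n)
{
    if (n >= WORD_BITS)
        return x < 0 ? -1 : 0;      /* only sign bits remain */
    if (x >= 0)
        return x >> n;
    return ~(~x >> n);              /* ~x >= 0, so the shift is fully defined */
}

/* Left shift for n >= 0; bits shifted out of the word are discarded. */
long shl(long x, long n)
{
    if (n >= WORD_BITS)
        return 0;
    /* Shift as unsigned to avoid signed-overflow UB; the conversion back
       wraps on two's-complement compilers such as GCC and Clang. */
    return (long)((unsigned long)x << n);
}

/* Negate a negative count, clamped so that -n cannot overflow at LONG_MIN. */
static long flip(long n) { return n <= -WORD_BITS ? WORD_BITS : -n; }

/* A negative count shifts in the opposite direction, as in the test table. */
long shift_left(long x, long n)  { return n >= 0 ? shl(x, n)  : ashr(x, flip(n)); }
long shift_right(long x, long n) { return n >= 0 ? ashr(x, n) : shl(x, flip(n)); }

int main(void)
{
    printf("%ld %ld %ld\n",
           shift_left(-64, -256), shift_right(64, -2), shift_left(64, 256));
    return 0;
}
```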