Help stabilising mini-gmp
Nelson H. F. Beebe
beebe at math.utah.edu
Thu Dec 1 23:42:39 UTC 2016
Vincent Lefevre <vincent at vinc17.net> asks in response to my lengthy
posting earlier today about where the behavior of bit-shift operations
allows undefined behavior in C and C++:
>> ...
>> Is this true even when the shifted value is zero? For some time,
>> I've wondered why this was also undefined for zero (in MPFR, we
>> had code where the shift count could be out of range only for
>> the value 0).
>> ...
No, zero shifts should be perfectly legal, because they just amount to
a no-op, and thus a copy of source to destination. The hardware
manuals that I checked today all permit a zero shift count: it would
take wasteful extra chip circuitry to add a check for such a case.
Also, mathematically, excluding zero in a number system is always a
bad idea: I often ask colleagues with children just learning to speak:
will you teach them to count 1, 2, 3, ..., or 0, 1, 2, 3. The former
was a mistake that humans made for millenia, until about 1200, when
zero made it to Europe from India in Fibonacci's Liber Abbaci. Even
the 800 years since then have not improved the arithmetical behavior
of most humans.
The 1999 ISO C Standard makes no mention of a zero shift-count
exception. The 2003 ISO C++ Standard has essentially equivalent
descriptions.
I cannot see any way that a prohibition on zero shift counts could be
added to any programming language: consider code that unpacks a
bitfield from an opaque (to the programmer, but not to the compiler)
data structure: new releases of software could change the bitfield
location, and the shift counts needed to unpack it.
Harbison & Steele's 5th edition of ``C: A Reference Manual'' on page
232 report about shift operators:
>> The right operand may be 0, in which case no shift occurs, and the
>> result value is identical to the value of the converted left
>> operand.
Their five editions (1984 to 2002) with that title are deservedly
famous for the care in which they treat portability, behavioral, and
Standards-conformance issues in C.
The ISO/IEC 1539-1 Fortran standard in its specification of the
compiler instrinsic function for (unsigned aka logical) bit shifting
says:
>> ...
>> 13.14.50 ISHFT (I, SHIFT)
>> Description. Performs a logical shift.
>> Class. Elemental function.
>> Arguments.
>> I shall be of type integer.
>> SHIFT shall be of type integer. The absolute value
>> of SHIFT shall be less than or equal to
>> BIT-SIZE (I).
>> Result Characteristics. Same as I.
>> Result Value. The result has the value obtained by
>> shifting the bits of I by SHIFT
>> positions. If SHIFT is positive, the
>> shift is to the left; if SHIFT is
>> negative, the shift is to the right;
>> and if SHIFT is zero, no shift is
>> performed. Bits shifted out from the
>> left or from the right, as
>> appropriate, are lost. Zeros are
>> shifted in from the opposite end.
>> The model for the interpretation of
>> an integer value as a sequence of
>> bits is in 13.5.7.
>>
>> Example. ISHFT (3,1) has the result 6.
>> ...
Notice that it explicitly permits zero shift counts.
-------------------------------------------------------------------------------
- Nelson H. F. Beebe Tel: +1 801 581 5254 -
- University of Utah FAX: +1 801 581 4148 -
- Department of Mathematics, 110 LCB Internet e-mail: beebe at math.utah.edu -
- 155 S 1400 E RM 233 beebe at acm.org beebe at computer.org -
- Salt Lake City, UT 84112-0090, USA URL: http://www.math.utah.edu/~beebe/ -
-------------------------------------------------------------------------------
More information about the gmp-devel
mailing list