Wednesday 

Room 5 

16:20 - 17:20 

(UTC+02)

Talk (60 min)

int != safe && int != ℤ

C++ integers suffer from potential inaccuracy in arithmetic operations as well as undefined behavior.

C++

This talk shows the risks involved in inappropriate integer operations and the problems with integral promotion and the "usual arithmetic conversions", which, on top of the original operand types, can further confuse programmers.

We will take a look at the MISRA C++ guidelines with respect to integer arithmetic and operations and see where their limitations in static analysis lie.

However, the power of C++ and new standard library features will allow us to implement safer alternatives. Some art may be required to achieve syntactical nicety, efficient implementation and well-defined behavior at the same time when dealing with whole numbers and integers.

Note: this talk will not include approaches for unlimited precision arithmetic that might be required for some domains.

  • assess the risk of integer arithmetic quiz
  • why are there hidden problems, shouldn't integers just wrap?
  • what safety guidelines say
  • options for dealing with inaccuracy (overflow)
  • C++26: saturation arithmetic
  • convenient, safe, efficient: can we have all 3?
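The promotion and conversion traps the abstract refers to, together with a portable saturating add modelled on C++26 `std::add_sat`, as an added example (not code from the talk or the speaker; `saturating_add` and the helper names are hypothetical, and the product check assumes a 32-bit `int`):

```cpp
#include <cstdint>
#include <limits>
#include <type_traits>

// Usual arithmetic conversions: -1 is converted to unsigned before the
// comparison, so this evaluates 4294967295 < 1, which is false.
bool signed_vs_unsigned_compare() { return -1 < 1u; }

// Integral promotion: both uint8_t operands become int, so the sum is 300.
int promoted_sum(std::uint8_t a, std::uint8_t b) { return a + b; }

// Only the narrowing conversion back to uint8_t wraps: 300 becomes 44.
std::uint8_t narrowed_sum(std::uint8_t a, std::uint8_t b) {
    return static_cast<std::uint8_t>(a + b);
}

// The hidden trap behind "shouldn't unsigned just wrap?": uint16_t * uint16_t
// is computed in int (assumed 32-bit here), so 65535 * 65535 = 4294836225
// exceeds INT_MAX and is signed overflow, i.e. undefined behaviour. The check
// is done in 64-bit arithmetic so the overflow itself is never executed.
bool uint16_product_overflows_int(std::uint16_t a, std::uint16_t b) {
    const std::uint64_t product = static_cast<std::uint64_t>(a) * b;
    return product > static_cast<std::uint64_t>(std::numeric_limits<int>::max());
}

// Hand-written saturating add in the spirit of C++26 std::add_sat (assumed
// name): clamps to the type's limits instead of wrapping or invoking UB.
// Works for signed and unsigned integers, including types narrower than int.
template <typename T>
constexpr T saturating_add(T x, T y) noexcept {
    static_assert(std::is_integral<T>::value, "integral types only");
    constexpr T hi = std::numeric_limits<T>::max();
    constexpr T lo = std::numeric_limits<T>::min();
    if (y > 0 && x > hi - y) return hi;  // would exceed max
    if (y < 0 && x < lo - y) return lo;  // would fall below min (signed only)
    return static_cast<T>(x + y);        // proven to fit, so the cast is exact
}
```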

Peter Sommerlad

Peter Sommerlad is an independent trainer and consultant for modern and safe C++ and software engineering. Before the pandemic, he was professor and director of IFS Institute for Software at FHO/HSR Rapperswil, Switzerland. Peter is co-author of the books POSA Vol.1 and Security Patterns and contributed to "97 things every programmer should know". His goal is to make software simpler and safer and to help programmers get there. Peter is a member of MISRA-C++, Hillside, ACM, IEEE Computer Society, and the ISO WG21 "C++" and WG23 "vulnerabilities" standardization committees.