
### Rationale

C and C++ don't guarantee mathematically correct semantics for integer arithmetic. This badly affects both languages because many developers write incorrect code without realizing it.

### Proposed solution

Integer operations are very frequent, so the library should be convenient to use even for a complex expression like

```cpp
size = prefix_len + n * sizeof(X) + 2 * suffix_len;
```

One approach is to wrap a Boost lambda expression in an object that controls every operation. For example, the earlier expression would become

```cpp
bool const ok = is_mathematically_correct(_1 = _2 + _3 * sizeof(X) + 2 * _4)(size, prefix_len, n, suffix_len);
```

The function *is_mathematically_correct* returns a lambda expression which is immediately evaluated and returns *true* if the passed expression is mathematically correct, or *false* otherwise.

Note: although the term *overflow* is more common, it is incorrect here because unsigned types never overflow.

The library should check the following:

- value truncation (aka numeric_cast)
- overflow conditions on signed types
- unsigned to signed conversion that changes sign or leads to undefined behavior
- mathematically incorrect results of unsigned operations (note that they are always correct as modulo 2^n operations)
- division by zero
- TODO: complete the list

### References

http://www.cert.org/secure-coding/IntegerLib.zip

Disclaimer: This site is not officially maintained by Boost Developers