P1355R0
Exposing a narrow contract for ceil2

Published Proposal,

This version:
http://wg21.link/P1355R0
Author:
(Google)
Audience:
LEWG, LWG, SG6
Project:
ISO/IEC JTC1/SC22/WG21 14882: Programming Language — C++

Abstract

ceil2 promises an unspecified value for out-of-bounds arguments. Out-of-bounds arguments should instead be undefined behavior.

1. Background

During the review of [P0556R1], LEWG requested ceil2 return an unspecified value for out-of-bounds arguments. [P0556R3] was adopted in Rapperswil with this specification. [N4778] (24.6.4 "Integral powers of 2"):

Returns: The minimal value y such that ispow2(y) is true and y >= x; if y is not representable as a value of type T, the result is an unspecified value.

At the [SAN] meeting, LEWG took a poll reconsidering this decision at the request of SG6:

Change ceil2 to hard UB, ill-formed in constexpr
SF F N A SA
11 5 1 0 0

As discussed in [P1233R0] (out-of-bounds shift_left / shift_right), silently accepting out-of-bounds values can hide bugs. Making this explicitly undefined behavior allows it to be detected and flagged by analysis tools.

2. Proposal

Wording relative to [N4778]:

template<class T>
  constexpr T ceil2(T x) noexcept;

3. Discussion

For values of x that fail to satisfy the Expects precondition, this results in undefined behavior (15.5.4.11).
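As an added illustration (not part of this paper's wording and not any standard library's code), the sketch below contrasts a wide-contract rounding function with a narrow-contract one for unsigned types. The names ceil2_in_range, round_up_pow2, ceil2_wide, ceil2_narrow and round_capacity are hypothetical, and returning 0 for an out-of-range argument is only one value an implementation could pick.

```cpp
#include <cassert>
#include <cstdint>
#include <limits>
#include <type_traits>

// True when the smallest power of two >= x is representable in T, i.e. when
// x meets the precondition of a narrow-contract ceil2.
template <class T>
constexpr bool ceil2_in_range(T x) noexcept {
    static_assert(std::is_unsigned<T>::value, "unsigned types only");
    return x <= static_cast<T>(T{1} << (std::numeric_limits<T>::digits - 1));
}

// Shared rounding loop; cannot overflow when ceil2_in_range(x) holds.
template <class T>
constexpr T round_up_pow2(T x) noexcept {
    T y = 1;
    while (y < x) y = static_cast<T>(y << 1);
    return y;
}

// Wide contract: every x is accepted, and an out-of-range x silently yields
// a value (0 is assumed here) that is smaller than the request.
template <class T>
constexpr T ceil2_wide(T x) noexcept {
    return ceil2_in_range(x) ? round_up_pow2(x) : T{0};
}

// Narrow contract: an out-of-range x is a caller bug. The assert stands in
// for the diagnostics a sanitizer or static analyzer can attach to it.
template <class T>
constexpr T ceil2_narrow(T x) noexcept {
    assert(ceil2_in_range(x) && "ceil2: result not representable in T");
    return round_up_pow2(x);
}

// Hypothetical caller sizing a buffer: it checks the precondition itself and
// reports failure rather than returning a capacity below the request.
bool round_capacity(std::uint32_t requested, std::uint32_t& capacity) noexcept {
    if (!ceil2_in_range(requested)) return false;
    capacity = ceil2_narrow(requested);
    return true;
}

int main() {
    std::uint32_t cap = 0;
    return round_capacity(1000u, cap) && cap == 1024u ? 0 : 1;
}
```

With the wide contract, a caller that allocates `ceil2_wide(n)` bytes for an oversized `n` gets an undersized buffer with no signal; with the narrow contract, the same call is a detectable precondition violation.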

References

Informative References

[N4778]
Working Draft, Standard for Programming Language C++. 2018-10-08. URL: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/n4778.pdf
[P0556R1]
P0556R1: Integral power-of-2 operations. 2017-03-19. URL: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2017/p0556r1.html
[P0556R3]
P0556R3: Integral power-of-2 operations. 2018-06-06. URL: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p0556r3.html
[P1233R0]
Shift-by-negative in shift_left and shift_right. 2018-10-02. URL: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p1233r0.pdf
[SAN]
Meeting minutes for P0556. 2018-11-09. URL: http://wiki.edg.com/bin/view/Wg21sandiego2018/P0556