Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integer::extended_gcd should not permit unsigned value. #40

Open
aobatact opened this issue Apr 26, 2021 · 6 comments
Open

Integer::extended_gcd should not permit unsigned value. #40

aobatact opened this issue Apr 26, 2021 · 6 comments
Labels
breaking change bug

Comments

@aobatact
Copy link
Contributor

This code fails to get the y value, with the error 'attempt to subtract with overflow'.

#[test]
fn extended_gcd_test(){
  use num_integer::Integer;
  let _x = 10.extended_gcd(&4);
  let _y = 10_u32.extended_gcd(&4);
}
@aobatact
Copy link
Contributor Author

aobatact commented Apr 26, 2021
edited
Loading

May be we can require Self: Signed for extended_gcd

@aobatact aobatact changed the title Integer::extended_gcd fails for unsigned value. Integer::extended_gcd should not permit unsigned value. Apr 26, 2021
@cuviper
Copy link
Member

cuviper commented Apr 26, 2021

Yeah, we do require Signed on extended_gcd_lcm, but that was overlooked on extended_gcd. Unfortunately it requires a breaking change to add that constraint.

@cuviper cuviper mentioned this issue Jun 15, 2022
Closed
@aj-r
Copy link

aj-r commented Jan 8, 2024
edited
Loading

Alternatively, it's possible to support extended_gcd for unsigned integers as described here: https://stackoverflow.com/q/67097428/1299394, which would avoid a breaking change.

Edit: because x and y must both be positive for unsigned integers, you'd need to modify the check() function used for testing - instead of assert_eq!(gcd, x * a + y * b); it would need to be something like:

assert_eq!(
  gcd,
  (x * a + y * b) % (a * b),
);

@cuviper
Copy link
Member

cuviper commented Jan 8, 2024

@aj-r interesting, thanks! I'm open to "fixing" unsigned with that kind of implementation, as long as we're careful to document the difference -- and ideally how to reconstruct what the signed result would have been.

@cuviper
Copy link
Member

cuviper commented Jan 8, 2024

Maybe we could then drop Signed from extended_gcd_lcm -- but I think that's technically a breaking change for anyone that overrode that method, if they depended on the conditional Signed constraint in their impl. What a mess...

@ktsimpso
Copy link

Fwiw I was recently bitten by this. But I was running in release mode so the program didn't crash. But half the time my algorithm was spitting out weird incorrect values because the coefficient I used was the under-flowed value. Switching to a signed type was easy enough for me in this particular case but I lost a few hours.

My expectations as a consumer would have been either the unsigned types did not have this method, or only produced results in the domain of that unsigned type as @aj-r mentioned. (I consider underflow outside of the domain).

As for backwards compatibly, as a consumer and I saw my build break because I used an unsigned type with this method and had silent bugs in my program because of it I think I would be thankful.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
breaking change bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@cuviper @ktsimpso @aj-r @aobatact