A little story
bearophile
bearophileHUGS at lycos.com
Tue Jun 26 03:26:19 PDT 2012
Don Clugston:
> Bearophile, haven't you ever read that paper on integer
> overflow, which you keep posting to the newsgroup???
I read it some time ago, but it seems not having run-time
overflow tests is not an option for certain programming endeavors
of mine. This is why I have partially switched back to FreePascal
for those.
> It clearly demonstrates that it is NOT POSSIBLE to implement
> integer overflow checking in a C-family language.
Clarke says something nice:
>When a distinguished but elderly scientist states that something
>is possible, he is almost certainly right. When he states that
>something is impossible, he is very probably wrong.<
http://embed.cs.utah.edu/ioc/
> Valid, correct, code which depends on integer overflow is very,
> very common (when overflow occurs, it's more likely to be
> correct, than incorrect).
I was discussing an annotation to disable it locally where
the programmer wants such overflows (like using wrap-around
semantics to avoid testing for negative values. I have done this
myself sometimes).
I am not interested in taking a quite optimized 80_000 lines long
C program and switching on the run-time integral overflow tests
on it all, all at once. This is probably going to fail, as the
paper says. Smaller D programs written from zero with run-time
overflow tests are one example of what I was thinking about.
> I don't think you could do it without introducing a no-overflow
> integer type. The compiler just doesn't have enough information.
This solution sounds acceptable for part of my purposes, thanks
to D alias syntax. But I don't know if it's enough.
Bye,
bearophile
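
The two ideas discussed in this message, a no-overflow integer type reached through an alias and a local opt-out where wrap-around is intended, shown as an added D example that is not code from the post or from either participant. The names `CheckedInt`, `Int` and `inBounds` are hypothetical, and it assumes a toolchain whose druntime provides `core.checkedint`.

```d
import core.checkedint : adds, subs, muls; // druntime overflow-reporting primitives
import std.exception : assertThrown;

/// Hypothetical no-overflow integer type: +, - and * throw instead of wrapping.
struct CheckedInt
{
    int value;

    CheckedInt opBinary(string op)(CheckedInt rhs) const
        if (op == "+" || op == "-" || op == "*")
    {
        bool overflow; // set to true by the core.checkedint call on overflow
        static if (op == "+")
            const r = adds(value, rhs.value, overflow);
        else static if (op == "-")
            const r = subs(value, rhs.value, overflow);
        else
            const r = muls(value, rhs.value, overflow);
        if (overflow)
            throw new Exception("integer overflow in '" ~ op ~ "'");
        return CheckedInt(r);
    }
}

alias Int = CheckedInt; // the alias keeps call sites short (hypothetical name)

/// Local opt-out: plain ints keep D's wrap-around semantics, so a single
/// unsigned compare replaces "i >= 0 && i < len" without a negative-value test.
bool inBounds(int i, int len)
{
    return cast(uint) i < cast(uint) len;
}

void main()
{
    assert(Int(2) + Int(3) == Int(5));                 // in range: normal result
    assertThrown!Exception(Int(int.max) + Int(1));     // would wrap to int.min
    assertThrown!Exception(Int(int.min) - Int(1));     // would wrap to int.max
    assertThrown!Exception(Int(65_536) * Int(65_536)); // 2^32 does not fit in int
    assert(inBounds(3, 10));
    assert(!inBounds(-1, 10));  // -1 becomes uint.max, which is not < 10
    assert(!inBounds(10, 10));
}
```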