Integer overflow and underflow semantics
akaz
nemo at utopia.com
Fri May 18 06:26:36 PDT 2012
>
> Bumping this as we still need to make a decision about this. As
> recently as yesterday, someone on the GCC mailing list posted a
> complaint about an optimization pass that assumed undefined
> semantics for overflow. We need to have a stance about this,
> since GDC is going into mainline GCC soon.
Just jumping on the bandwagon with some info:
http://en.wikipedia.org/wiki/Therac
Therac-25 was a medical machine that injured several people
because:
"When input parameters are unverified or inconsistent,
the treatment monitor task periodically runs a procedure
that increments a counter
This counter is used as a flag by the housekeeping task,
indicating whether gun firing should be enabled or not
However, as the counter is only 8 bits, it will overflow
every 256 ticks, and the “flag” will temporarily indicate a
zero condition!
If the “set” command is given at that instant,
inconsistencies are not checked, and unshielded high-energy
radiation may result"
The case is known in real-time operating systems programming.
Does D throw an exception when an integral type (signed or
unsigned) underflows or overflows? I am for defining this as the
implicit behavior. Using a counter in cyclical mode should
rather be explicitly invoked.
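As an added illustration (not part of the post or of D's implementation), a small C model of the quoted pattern: an 8-bit counter read as a boolean flag, first with the wrapping increment and then with a checked increment that refuses to wrap. The function names and tick counts are constructed for the example.

```c
#include <stdint.h>
#include <stdbool.h>

/* Housekeeping task's view of the counter: a nonzero value means inputs are
 * still unverified and firing must stay disabled; a zero read enables firing. */
bool firing_enabled(uint8_t counter) {
    return counter == 0;
}

/* Wrapping increment, the behaviour the Therac-25 description relies on:
 * unsigned arithmetic in C is modular, so 255 + 1 silently becomes 0. */
uint8_t tick_wrapping(uint8_t counter) {
    return (uint8_t)(counter + 1);
}

/* Run the treatment-monitor loop for `ticks` increments while inputs remain
 * unverified; returns how many ticks wrongly reported firing as enabled. */
int count_spurious_enables(unsigned ticks) {
    uint8_t counter = 0;
    int spurious = 0;
    for (unsigned t = 0; t < ticks; t++) {
        counter = tick_wrapping(counter);
        if (firing_enabled(counter)) spurious++;   /* every 256th tick */
    }
    return spurious;
}

/* Checked increment: the caller is told about the overflow instead of the
 * value wrapping. Returns false and leaves *counter unchanged at UINT8_MAX. */
bool tick_checked(uint8_t *counter) {
    if (*counter == UINT8_MAX) return false;
    (*counter)++;
    return true;
}

/* Same loop with the checked increment: the counter saturates at 255, the
 * flag never reads zero, and each refused increment is counted in *overflows
 * so the fault is visible rather than silent. */
int count_spurious_enables_checked(unsigned ticks, int *overflows) {
    uint8_t counter = 0;
    int spurious = 0;
    *overflows = 0;
    for (unsigned t = 0; t < ticks; t++) {
        if (!tick_checked(&counter)) (*overflows)++;
        if (firing_enabled(counter)) spurious++;
    }
    return spurious;
}
```

The wrapping loop enables firing once every 256 ticks (3 times in 1000), while the checked loop never does and instead reports 745 refused increments.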