'int' is enough for 'length' to migrate code from x86 to x64

[Don via Digitalmars-d]

On Friday, 21 November 2014 at 17:23:51 UTC, Marco Leise wrote:
> Am Thu, 20 Nov 2014 08:18:23 +0000
> schrieb "Don" <x at nospam.com>:
>
>> It's particularly challenging in D because of the widespread 
>> use of 'auto':
>> 
>> auto x = foo();
>> auto y = bar();
>> auto z = baz();
>> 
>> if (x - y > z) { ... }
>> 
>> 
>> This might be a bug, if one of these functions returns an 
>> unsigned type.  Good luck finding that. Note that if all 
>> functions return unsigned, there isn't even any 
>> signed-unsigned mismatch.
>
> With those function names I cannot write code.
>
> ℕ x = length();
> ℕ y = index();
> ℕ z = requiredRange();
>
> if (x - y > z) { ... }
>
> Ah, now we're getting somewhere. Yes the code is obviously
> correct. You need to be aware of the value ranges of your
> variables and write subtractions in a way that the result can
> only be >= 0. If you realize that you cannot guarantee that
> for some case, you just found a logic bug. An invalid program
> state that you need to assert/if-else/throw.

Yup. And that is not captured in the type system.

>
> I don't get why so many APIs return ints. Must be to support
> Java or something where proper unsigned types aren't available.

???? D and C do not have suitable types either.

unsigned !=  ℕ.

In D,  1u - 2u > 0u. This is defined behaviour, not an overflow.