[OT] The Usual Arithmetic Confusions
Paul Backus
snarwin at gmail.com
Thu Feb 17 21:35:00 UTC 2022
On Thursday, 17 February 2022 at 20:55:38 UTC, forkit wrote:
> On Thursday, 17 February 2022 at 20:11:07 UTC, Paul Backus
> wrote:
>>
>>
>> Yeah, implicit signed-to-unsigned conversion is really nasty.
>> Even if we keep the rest of the C-style promotion rules,
>> getting rid of that one would still be a big improvement.
>
> Implicit memory manipulation (e.g. type casting for example)
> can result in unintentional memory safety bugs, which in turn
> can result in adverse events. As such, it is not consistent
> with the concept of memory safety.
Memory safety is about avoiding undefined behavior, not avoiding
bugs in general. Implicitly casting an int to a uint can
certainly cause bugs in a program, but it cannot introduce
undefined behavior unless you are already doing something unsafe
with the result (like indexing into an array without bounds
checking).
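To illustrate the distinction the reply draws, here is an added example in D (not code from the thread): a signed value implicitly converted to `uint` produces a wrong index, but the default bounds check turns the bad access into a `RangeError` rather than undefined behaviour. The function name `previousIndex` and the sample array are constructed for this example.

```d
import std.stdio;
import core.exception : RangeError;

/// Computes `pos - 1` and returns it as an unsigned index. For pos == 0
/// the int result -1 is implicitly converted to uint and wraps to
/// uint.max: a logic bug, but by itself not undefined behaviour.
uint previousIndex(int pos)
{
    return pos - 1; // implicit int -> uint conversion happens here
}

void main() @safe
{
    int[] data = [10, 20, 30]; // constructed sample array

    uint idx = previousIndex(0);
    writeln("computed index: ", idx); // 4294967295, not -1

    // In @safe code the bounds check is always kept, so the wrong
    // index is caught instead of reading outside the array.
    try
    {
        writeln("element: ", data[idx]);
    }
    catch (RangeError e)
    {
        writeln("bounds check caught the bad index: ", e.msg);
    }

    // Only an unchecked access (e.g. indexing through data.ptr in
    // @system code) would turn this same wrong value into undefined
    // behaviour, which is the case the reply above refers to.
}
```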