[OT] The Usual Arithmetic Confusions

forkit forkit at gmail.com
Fri Feb 18 04:33:39 UTC 2022


On Thursday, 17 February 2022 at 21:35:00 UTC, Paul Backus wrote:
>
> Memory safety is about avoiding undefined behavior, not 
> avoiding bugs in general. Implicitly casting an int to a uint 
> can certainly cause bugs in a program, but it cannot introduce 
> undefined behavior unless you are already doing something 
> unsafe with the result (like indexing into an array without 
> bounds checking).

Well, strong type safety is a component of memory safety.

Now a 'bug' is where the programmer takes the average of two 
unsigned integers, and it results in an overflow. Here, 
correctness is the programmer's responsibility.

On the other hand, implicit conversion of uint to int is 
inherently unsafe, since the compiler cannot determine whether 
the coercion 'avoids undefined behaviour'.

On that basis, it should just not do it - and instead, make the 
programmer take responsibility.

Thus once again, the programmer is in charge - which is, as it 
should be.
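The two cases forkit distinguishes, as an added C example that is not part of the original post (C is where the "usual arithmetic conversions" of the thread title come from): an unsigned average that wraps, an overflow-free rewrite, and an int-to-unsigned conversion shown both as the compiler silently performs it and as an explicit check the programmer owns.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* The "bug" case: a + b wraps modulo 2^32 when the sum exceeds
 * UINT_MAX, so the average of two large values comes out small. */
unsigned naive_average(unsigned a, unsigned b) {
    return (a + b) / 2;
}

/* Overflow-free average: halve each operand first, then add back the
 * single carry bit that both halvings dropped. */
unsigned safe_average(unsigned a, unsigned b) {
    return a / 2 + b / 2 + (a & b & 1u);
}

/* The conversion case: an implicit int -> unsigned conversion is
 * accepted without a cast or a diagnostic, and -1 becomes UINT_MAX. */
unsigned implicit_to_uint(int n) {
    unsigned u = n;
    return u;
}

/* This is exactly the conversion the compiler inserts for `a < b`
 * when a is int and b is unsigned: -1 < 1u evaluates to false. */
bool less_than_implicit(int a, unsigned b) {
    return implicit_to_uint(a) < b;
}

/* Explicit handling: deal with the sign before converting. */
bool less_than_checked(int a, unsigned b) {
    return a < 0 || (unsigned)a < b;
}

/* Checked conversion that refuses negative input instead of silently
 * yielding 2^32 + n; the caller must handle the false branch. */
bool int_to_uint_checked(int n, unsigned *out) {
    if (n < 0) return false;
    *out = (unsigned)n;
    return true;
}

int main(void) {
    unsigned out = 0;
    printf("naive avg(UINT_MAX, UINT_MAX) = %u\n", naive_average(UINT_MAX, UINT_MAX));
    printf("safe  avg(UINT_MAX, UINT_MAX) = %u\n", safe_average(UINT_MAX, UINT_MAX));
    printf("-1 < 1u  implicit: %d  checked: %d\n",
           less_than_implicit(-1, 1u), less_than_checked(-1, 1u));
    printf("int_to_uint_checked(-1) accepted: %d\n", int_to_uint_checked(-1, &out));
    return 0;
}
```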