<div class="gmail_quote">On Fri, May 18, 2012 at 6:26 AM, akaz <span dir="ltr"><<a href="mailto:nemo@utopia.com" target="_blank">nemo@utopia.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Bumping this as we still need to make a decision about this. As recently as yesterday, someone on the GCC mailing list posted a complaint about an optimization pass that assumed undefined semantics for overflow. We need to have a stance about this, since GDC is going into mainline GCC soon.<br>
</blockquote>
<br></div>
Just jumping into the bandwagon with several info:<br>
<br>
<a href="http://en.wikipedia.org/wiki/Therac" target="_blank">http://en.wikipedia.org/wiki/<u></u>Therac</a><br>
<br>
Therac25 was a medicale machine that injured several people because:<br>
<br>
"When input parameters are unverified or inconsistent,<br>
the treatment monitor task periodically runs a procedure<br>
that increments a counter<br>
This counter is used as a flag by the housekeeping task,<br>
indicating whether gun firing should be enabled or not<br>
However, as the counter is only 8 bits, it will overflow<br>
every 256 ticks, and the “flag” will temporarily indicate a<br>
zero condition!<br>
If the “set” command is given at that instant,<br>
inconsistencies are not checked, and unshielded high-<br>
energy radiation may result"<br>
<br>
The case is known in the real-time operating systems programming.<br>
<br>
Does D throw an exception when an integral type (signed or unsigned) underflows or overflows? I am for defining this as the implicit behavior. Using a counter in the cyclical mode should be rather be explicitly invoked.<br>
<br>
</blockquote></div><br><div>Massive industrial systems run on code written in systems languages that dismissed this behavior as unacceptably slow years ago. That one programmer was incrementing a counter when he should have been storing a nonzero value instead isn't really relevant to this discussion.</div>