opImplicitCast/opImplicitCastFrom
bearophile
bearophileHUGS at lycos.com
Tue Oct 28 04:21:35 PDT 2008
Don:
> I've noticed you've argued for range checking on integral types many
> times.
You are right, I am sorry for spamming this newsgroup (and to bore people). I have seen that lot of people don't follow this newsgroup closely, so saying the same thing every once in a while makes more people read it. But for people like you that probably reads every post, it becomes boring...
> Have you found overflow to be a common bug?
Not too much common, but I have had 2 bugs derived by mixing signed and unsigned types (once by array.length). I have have had one or two bugs derived by applying a map() on an array of bytes, and returning a byte that contains a bogus value.
I have stopped using unsigned values every time I don't strictly need them, because instead of being safer, that is using them to represent nonnegative numbers, they are actually much less safe.
So I think integral values are a source of troubles.
This document from experience says that integral overflow bugs are a significant percentage of the total:
http://www.st.cs.uni-sb.de/edu/seminare/2005/advanced-fp/docs/sweeny.pdf
Bye,
bearophile
More information about the Digitalmars-d
mailing list