flagging unsigned subtraction assigned to bigger signed number?

Walter Bright newshound2 at digitalmars.com
Wed May 21 07:20:03 UTC 2025


Interesting example! Yes, the DFA done by this dials it up a notch, and it will 
catch some errors. Some points:

1. it shouldn't issue a warning - it should issue an error. If the programmer 
wanted this code to execute anyway, he could engage point 2 to defeat the DFA 
and do an out-of-bounds read. But I have no influence over C; the C community 
can do what they want.

2. it's the old halting problem again. No matter how good the DFA is, it cannot 
solve the problem in general. It's the same limitation that statically detecting 
null pointer dereferences has.

3. D's approach with array bounds checked arrays does solve the problem in the 
general case (at some cost to runtime performance). The more advanced DFA could 
help in removing unnecessary bounds checks.
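The pattern under discussion, shown as an added C example (constructed here, not code from the post or from any compiler's DFA): an unsigned subtraction wraps before its result is stored in a wider signed type, so the "negative" value arrives as a huge positive one. The second function shows the fix of widening the operands first, and `checked_read` illustrates point 3, a bounds-checked access that rejects the wrapped index instead of reading out of bounds. Function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The bug pattern: the subtraction is done in uint32_t arithmetic and wraps
 * modulo 2^32; only afterwards is the result widened to int64_t, so the
 * sign is already lost. Constructed example. */
int64_t unsigned_then_widen(uint32_t a, uint32_t b) {
    return a - b;                   /* 3 - 5 gives 4294967294, not -2 */
}

/* The intended arithmetic: widen each operand to the signed type first,
 * then subtract, so a < b yields a negative result. */
int64_t widen_then_subtract(uint32_t a, uint32_t b) {
    return (int64_t)a - (int64_t)b; /* 3 - 5 gives -2 */
}

/* Bounds-checked read in the spirit of D's checked arrays (point 3 of the
 * post). A negative index, or one that wrapped into a huge positive value,
 * is rejected with false rather than turned into an out-of-bounds read. */
bool checked_read(const int *arr, size_t len, int64_t idx, int *out) {
    if (idx < 0 || (uint64_t)idx >= len) {
        return false;               /* would read outside arr[0..len) */
    }
    *out = arr[idx];
    return true;
}

int main(void) {
    int data[4] = {10, 20, 30, 40};
    int value = 0;

    /* Index computed with the buggy pattern: 0 - 1 wraps to 4294967295. */
    int64_t bad_idx = unsigned_then_widen(0, 1);
    printf("wrapped index: %lld, read ok: %d\n",
           (long long)bad_idx, checked_read(data, 4, bad_idx, &value));

    /* Same index computed correctly: -1, also rejected by the bounds check. */
    int64_t neg_idx = widen_then_subtract(0, 1);
    printf("signed index: %lld, read ok: %d\n",
           (long long)neg_idx, checked_read(data, 4, neg_idx, &value));

    /* A valid index passes the check and yields the element. */
    if (checked_read(data, 4, 2, &value)) {
        printf("data[2] = %d\n", value);
    }
    return 0;
}
```

The runtime check is the general fallback the post describes: the DFA can prove some of these reads safe and elide the check, but where it cannot decide, the check still catches the wrapped index.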


More information about the Digitalmars-d mailing list