Don Clugston:

Bearophile, haven't you ever read that paper on integer overflow, which you keep posting to the newsgroup???

I read it some time ago, but it seems not having run-time overflow tests is not an option for certain programming endeavors of mine. This is why I have partially switched back to FreePascal for those.


It clearly demonstrates that it is NOT POSSIBLE to implement integer overflow checking in a C-family language.

Clarke says something nice:
When a distinguished but elderly scientist states that something is possible, he is almost certainly right. When he states that something is impossible, he is very probably wrong.

http://embed.cs.utah.edu/ioc/


Valid, correct, code which depends on integer overflow is very, very common (when overflow occurs, it's more likely to be correct, than incorrect).

I was discussing an annotation to disable it locally where the programmer wants such overflows (like using wrap-around semantics to avoid testing for negative values; I have done this myself sometimes).

I am not interested in taking a quite optimized 80_000 lines long C program and switching on the run-time integral overflow tests on it all, all at once. This is probably going to fail, as the paper says. Smaller D programs written from zero with run-time overflow tests are one example of what I was thinking about.


I don't think you could do it without introducing a no-overflow integer type. The compiler just doesn't have enough information.

This solution sounds acceptable for part of my purposes, thanks to D alias syntax. But I don't know if it's enough.

Bye,
bearophile
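As an added illustration, not code from this thread or from either poster, here is the kind of no-overflow integer type Don mentions, opted into through a D alias as bearophile suggests; it relies on core.checkedint from druntime, and the names SafeInt, Checked and Raw are assumptions of mine.

```d
// Added example (not from the thread): a minimal overflow-checking integer
// wrapper, opted into through a D alias. Names SafeInt/Checked/Raw are mine.
import core.checkedint : adds, subs, muls;
import std.stdio : writeln;

struct SafeInt
{
    int value;

    // +, - and * go through core.checkedint, which flags overflow in the
    // ref bool instead of silently wrapping like a plain int would.
    SafeInt opBinary(string op, T)(T rhs) const
        if (is(T == SafeInt) || is(T : int))
    {
        static if (is(T == SafeInt)) int y = rhs.value;
        else int y = rhs;
        bool overflow = false;
        int r;
        static if (op == "+") r = adds(value, y, overflow);
        else static if (op == "-") r = subs(value, y, overflow);
        else static if (op == "*") r = muls(value, y, overflow);
        else static assert(0, "operator " ~ op ~ " not supported");
        if (overflow)
            throw new Exception("integer overflow in '" ~ op ~ "'");
        return SafeInt(r);
    }
}

// Switching a declaration between these two aliases is the local opt-in/opt-out
// discussed above: checked where wrapping is a bug, raw where it is intended.
alias Checked = SafeInt;
alias Raw = int;

void main()
{
    Raw w = int.max;
    writeln(w + 1);            // wraps to int.min: the behaviour much C code relies on
    Checked a = Checked(int.max);
    try
    {
        auto b = a + 1;        // checked: throws instead of wrapping
        writeln(b.value);
    }
    catch (Exception e)
    {
        writeln("caught: ", e.msg);
    }
}
```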
