Am Thu, 20 Nov 2014 08:18:23 +0000
schrieb "Don" <x...@nospam.com>:
> It's particularly challenging in D because of the widespread use
> of 'auto':
>
> auto x = foo();
> auto y = bar();
> auto z = baz();
>
> if (x - y > z) { ... }
>
>
> This might be a bug, if one of these functions returns an
> unsigned type. Good luck finding that. Note that if all
> functions return unsigned, there isn't even any signed-unsigned
> mismatch.
With those function names I cannot write code.
ℕ x = length();
ℕ y = index();
ℕ z = requiredRange();
if (x - y > z) { ... }
Ah, now we're getting somewhere. Yes the code is obviously
correct. You need to be aware of the value ranges of your
variables and write subtractions in a way that the result can
only be >= 0. If you realize that you cannot guarantee that
for some case, you just found a logic bug. An invalid program
state that you need to assert/if-else/throw.
I don't get why so many APIs return ints. Must be to support
Java or something where proper unsigned types aren't available.
--
Marco
