Steven Schveighoffer:
> To the point -- lots of existing D and C code uses the properties of
> integer overflow. If integer overflow is assumed to be an error, then
> that code is broken, even though the code *expects* overflow to occur, and
> in fact might *depend* on it occurring.
In this case you wrap the code in something that allows it to overflow without
errors, like:
    unsafe(overflows) {
        // code here
    }
------------------------
Andrei:
>This and others (zero- vs. one-based indexing, closed vs. open intervals etc.)
>are issues with well-understood tradeoffs that could go either way.<
Integral overflows are not the same thing as indexing and intervals. The last
two are equal ways to write the same thing, while overflows are a way to spot a
class of bugs in code.
>Making a choice in such matters becomes part of a language's ethos.<
Right, and I think D Zen is pro-safety.
>After a while it becomes clear that rehashing such matters without
>qualitatively new arguments is futile.<
I have answered because you have said wrong things. You have implicitly said
that good overflow tests are doable with library code, and I have explained why
you are wrong. This isn't futile.
Bye,
bearophile
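
The two cases argued over in this thread, shown side by side as an added example (not part of the original message): a hash that depends on wraparound, and arithmetic where an overflow is a bug that should be reported. It is written in C and assumes the GCC/Clang `__builtin_*_overflow` intrinsics; the function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Intended wraparound: FNV-1a relies on the 32-bit multiply wrapping
   modulo 2^32. Unsigned arithmetic makes that well defined in C. */
uint32_t fnv1a32(const unsigned char *data, size_t len)
{
    uint32_t h = 2166136261u;            /* FNV offset basis */
    for (size_t i = 0; i < len; i++) {
        h ^= data[i];
        h *= 16777619u;                  /* FNV prime; wraps on purpose */
    }
    return h;
}

/* Unintended overflow: a wrapped count * elem_size gives a buffer
   smaller than the caller believes. Report failure instead of wrapping.
   (Assumes the GCC/Clang intrinsic __builtin_mul_overflow.) */
bool checked_alloc_size(size_t count, size_t elem_size, size_t *out)
{
    return !__builtin_mul_overflow(count, elem_size, out);
}

/* Signed addition with the overflow reported, not silently wrapped. */
bool checked_add_i32(int32_t a, int32_t b, int32_t *out)
{
    return !__builtin_add_overflow(a, b, out);
}

int main(void)
{
    size_t n;
    int32_t s;

    /* Constructed sample inputs. */
    printf("fnv1a32(\"a\") = 0x%08x\n",
           (unsigned)fnv1a32((const unsigned char *)"a", 1));
    printf("alloc size ok: %d\n",
           checked_alloc_size(SIZE_MAX / 2 + 1, 2, &n));
    printf("add ok: %d\n", checked_add_i32(INT32_MAX, 1, &s));
    return 0;
}
```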