<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
Rewrite code to avoid overflow?<BR>
That seems..difficult.<BR>
Write it in a typical normal straightfoward<BR>
fashion and rely on overflow checking to avoid bugs, imho.<BR>
<BR>
I think relying on silent wrap is bad but relying on overflow<BR>
checks is appropriate.<BR>
<BR>
Really what I think is you need multiple types or interfaces.<BR>
So that you can request silent wraparound for certain code<BR>
and overflow checking for other code. It's not a per-thread<BR>
setting, but a type thing.<BR>
It is more "statically bound" than a runtime per thread setting.<BR>
<BR>
In the absence of this profusion of<BR>
types though, a good safe compromise is the INTEGER/Word<BR>
split. INTEGER is signed and should check overflow.<BR>
<BR>
Word is unsigned and silently wraps.<BR>
<BR>
Really this isn't everything. You also want unsigned<BR>
with overflow checks, maybe signed with silent wraparound.<BR>
Maybe the arithmetic library provides all this.<BR>
I need to check.<BR>
<BR>
<BR>
Testing your code one way and shipping it another way<BR>
is a bad recipe. The checks need to be preserved<BR>
in the shipping version because testing is never complete.<BR>
Also because the checks might have unintended side effects.<BR>
Ship what you test.<BR>
<BR>
<BR>
Again though, isn't silent wraparound a safety hole?<BR>
Or maybe not, maybe given that we have array bounds checking,<BR>
maybe safety is preserved?<BR>
(You know, what would happen incorrectly when positive + positive<BR>
yields negative?)<BR>
<BR>
- Jay<BR><BR> <BR>
<HR id=stopSpelling>
From: rcolebur@SCIRES.COM<BR>To: m3devel@elegosoft.com<BR>Date: Tue, 12 Jan 2010 00:18:51 -0500<BR>Subject: Re: [M3devel] FloatMode<BR><BR>
<STYLE>
.ExternalClass p.ecxMsoNormal, .ExternalClass li.ecxMsoNormal, .ExternalClass div.ecxMsoNormal
{margin-bottom:.0001pt;font-size:12.0pt;font-family:'Times New Roman','serif';}
.ExternalClass a:link, .ExternalClass span.ecxMsoHyperlink
{color:blue;text-decoration:underline;}
.ExternalClass a:visited, .ExternalClass span.ecxMsoHyperlinkFollowed
{color:purple;text-decoration:underline;}
.ExternalClass p
{margin-right:0in;margin-left:0in;font-size:12.0pt;font-family:'Times New Roman','serif';}
.ExternalClass span.ecxEmailStyle18
{font-family:'Calibri','sans-serif';color:#1F497D;}
.ExternalClass .ecxMsoChpDefault
{font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;}
.ExternalClass div.ecxSection1
{page:Section1;}
</STYLE>
<DIV class=ecxSection1>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">Jay, </SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt"> </SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">I think the documented intent in Modula-3 is that the programmer <U>should</U> write his code under the premise that any operation that could produce an overflow should be rewritten so as to avoid that problem. Further, that the implementation may or may not actually check for this condition, but to <B><U>rely</U></B> on it working a certain way (e.g., silent wrap) would be wrong. Further, if FloatMode were implemented, it would be possible to force the overflow check on.</SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt"> </SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">This situation does not prohibit a programmer from writing something that could produce overflow, and the fact that on some implementations overflow is not checked is considered ok for performance reasons. It is just that if the programmer were to rely on silent wrap, this reliance is NOT supported by the language and at some point will probably cause a checked runtime error.</SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt"> </SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">Indeed, folks often turn on extra checking during program testing to find as many programming faults as possible, then turn off the extra checking for production/delivery code to gain performance. So Modula-3 as a language supports this concept, though not all implementations may provide the ability to turn certain checks on or off.</SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt"> </SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">I agree that lumping the integer overflow control into an interface named “FloatMode” makes it a bit hard to find since “FloatMode” would make one think that the interface deals only with floating point.</SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt"> </SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">So, in Modula-3 a good programmer will add appropriate logic to prevent overflow by explicitly coding wrap-around or using some other method appropriate to the task at hand. A sloppy programmer won’t care and his code will eventually break. See the comments about long-lived readers/writers for an example.</SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt"> </SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">Regards,</SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt">Randy</SPAN></P>
<P class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #1f497d; FONT-SIZE: 11pt"> </SPAN></P>
<DIV>
<DIV style="BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<P style="MARGIN-LEFT: 0.5in" class=ecxMsoNormal><B><SPAN style="FONT-FAMILY: 'Tahoma','sans-serif'; FONT-SIZE: 10pt">From:</SPAN></B><SPAN style="FONT-FAMILY: 'Tahoma','sans-serif'; FONT-SIZE: 10pt"> jayk123@hotmail.com [mailto:jayk123@hotmail.com] <B>On Behalf Of </B>Jay K<BR><B>Sent:</B> Monday, January 11, 2010 11:55 PM<BR><B>To:</B> Tony; m3devel<BR><B>Subject:</B> [M3devel] FloatMode</SPAN></P></DIV></DIV>
<P style="MARGIN-LEFT: 0.5in" class=ecxMsoNormal> </P>
<P style="MARGIN-BOTTOM: 12pt; MARGIN-LEFT: 0.5in; MARGIN-RIGHT: 0in" class=ecxMsoNormal><SPAN style="FONT-FAMILY: 'Verdana','sans-serif'; FONT-SIZE: 10pt">I thought FloatMode was only related to floating point.<BR>So I looked:<BR> <BR> "IntOverflow" = an integer operation produced a result whose<BR> absolute value is too large to be represented.<BR> <BR> "IntDivByZero" = integer "DIV" or "MOD" by zero.<BR>\end{quote}<BR><BR> <BR>This part of it should be easy to implement for all architectures.<BR>The entire thing probably isn't too difficult either on many platforms either.<BR> <BR>However...I was surprised by this.<BR>I thought the real "intent" in Modula-3 to not have this be configurable<BR>and endeavor for overflow and divide by zero to always immediately<BR>raise an exception? The only "out" is that it might not get implemented on some platforms for some reason?<BR> <BR>For the floating point stuff:<BR> <BR>Probably like other per-platform code, this should be done in #ifdefed C.<BR> <BR><A href="http://msdn.microsoft.com/en-us/library/e9b52ceh(VS.80).aspx">http://msdn.microsoft.com/en-us/library/e9b52ceh(VS.80).aspx</A><BR><A href="http://kernel.org/doc/man-pages/online/pages/man3/fetestexcept.3.html">http://kernel.org/doc/man-pages/online/pages/man3/fetestexcept.3.html</A><BR>etc.<BR> <BR> - Jay</SPAN></P></DIV> </body>
</html>