(j3.2006) (SC22WG5.4904) [ukfortran] Comment on a comment on the WG5 letterballot on N1947

Malcolm Cohen malcolm
Wed Jan 16 19:57:01 EST 2013


>In recent memory, I've only encountered one case of harmful integer overflow

How could you possibly know?  Without overflow detection, all you are likely to 
get are silently wrong numbers.  It is entirely possible that no-one will notice 
until the bridge falls down, the plane drops out of the sky, or the stock market 
crashes; and then they will probably blame something else anyway (failures 
normally have many causes, not just one - and programs rarely have only a single 
bug).

>Of course, there are numerous cases, almost all related to user-written random 
>number generators, where overflow of integer multiply is intentional.

(0) Random number generators have also been available on machines with hardware 
always-on integer overflow detection.

(1) This is almost certainly entirely unnecessary.  Many good generators don't 
need this.

(2) It is not exactly beyond the wit of man to avoid using a compiler option 
when it is undesired!

>For Fortran, and a program with arrays this large, users would instinctively 
>set a compiler switch to make 64-bit integers the default.

Ah yes, the "non-Fortran" switch (unless it also doubles the sizes of default 
real and double precision).

Sorry, but speaking from knowledge here (NAG sells libraries to many large 
Fortran users, even Cray ones), it is not the case that most users use such 
switches.  Many do, but the majority don't.  These days we all have computers 
with 64-bit capability (and sometimes even enough memory to make it more than an 
academic question), it's not just the relatively few supercomputer users who 
trip over such things.

>  This avoids other problems later, like the kind of the subscript you use to 
> run through the array scratch. Of course, there is a narrow window where small 
> integers would work, but that's a bit contrived.

The question is not whether small integers work (they don't!) but whether the 
failure is detected.

>For C and C++ I would expect the relevant variables to be declared size_t

ROFL.

I find it interesting that we are debating the technical merits of the proposal. 
If it warrants that, it warrants being left in the document, which is after all, 
only suggesting that we actually consider and debate the technical merits!

Cheers,
-- 
................................Malcolm Cohen, Nihon NAG, Tokyo. 




More information about the J3 mailing list