Re: Arithmetic overflow checking

From: Eric Sosman <esosman@ieee-dot-org.invalid>
Newsgroups: comp.lang.java.programmer
Date: Thu, 07 Jul 2011 07:54:38 -0400
Message-ID: <iv46rb$8vg$1@dont-email.me>
On 7/7/2011 3:30 AM, rop rop wrote:
> On Jul 6, 11:32 pm, Tom Anderson<t...@urchin.earth.li> wrote:
>> Modding the JVM is a non-starter for a few reasons...
>
> Hi Tom,
> Thanks for input.
> Could you just elaborate on this, please... what is the main problem
> with actually patching the JVM?
> Why is it so hard?
> Without having looked into the source code, this seems like the most
> straightforward and robust way to do it...
> Is the code so hard to penetrate or what?

     The first thing that comes to mind is that altering a JVM so it does
not behave as described in the Java Virtual Machine Specification
means you no longer have a JVM. Specifically, from section 2.4.2:
"The built-in integer operators do not indicate (positive or negative)
overflow in any way; they wrap around on overflow." For good or for
ill, that's a requirement all JVM implementations must satisfy.

     But, okay, you start with a JVM and alter it to produce a "KWN"
that behaves just like a JVM except in this one regard. Now a second
difficulty arises: You start running Java on the KWN, and almost at
once you get an arithmetic overflow exception. Investigating, you
find that it occurred in a hashCode() method that's computing the
time-honored sum x0+p*(x1+p*(x2+...)) with the fields x0,x1,... and
a prime p. The overflow is entirely benign, yet "Hello".hashCode()
stops your program in its tracks. So now you need a way to distinguish
expected (benign) overflow from unanticipated (injurious) overflow --
which means you need to alter not only the JVM but also Java. (Or maybe
you could do something with annotations; I'm not sure.) But the main
point is that all existing Java code expects overflow to wrap around,
and lots of that code actually relies on wraparound.

     Finally, you've got definitional problems to sort out. For
example, is there an overflow in `int value = (int)Long.LONG_MAX;'?
You need to put on your Language Legislator hat and think about it
before you can decide how your KWN should behave.

     Personally, I wish integer over- and under-flow would in fact
throw exceptions, and that the language had something like `unsigned'
to allow the programmer to suppress the exceptions when appropriate.
But that's a wish I don't expect to see fulfilled.

--
Eric Sosman
esosman@ieee-dot-org.invalid
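The distinction Eric draws, between the benign wraparound a polynomial hashCode() relies on and the injurious wraparound of, say, a buffer-size computation, can be made concrete with the checked arithmetic Java later gained in Math.addExact/multiplyExact (Java 8). This is an added example, not code from the thread; the class name, the helper names and the sample inputs are mine.

```java
public final class OverflowDemo {
    // Same polynomial String.hashCode() uses: h = 31*h + c. It depends on
    // int wraparound and is correct only because overflow is silent.
    static int wrappingHash(String s) {
        int h = 0;
        for (int i = 0; i < s.length(); i++) {
            h = 31 * h + s.charAt(i);
        }
        return h;
    }

    // The same sum with checked arithmetic: throws ArithmeticException on the
    // first intermediate that wraps, which is Eric's "benign overflow stops
    // your program" case.
    static int checkedHash(String s) {
        int h = 0;
        for (int i = 0; i < s.length(); i++) {
            h = Math.addExact(Math.multiplyExact(31, h), s.charAt(i));
        }
        return h;
    }

    // Where wraparound is injurious: a size derived from count * elementSize.
    // Wrapping silently yields a small or negative size; the checked form
    // reports the overflow instead of handing a bogus length downstream.
    static int checkedBufferSize(int count, int elementSize) {
        return Math.multiplyExact(count, elementSize);
    }

    public static void main(String[] args) {
        String s = "comp.lang.java.programmer";   // constructed sample; long enough to wrap
        System.out.println("matches String.hashCode: " + (wrappingHash(s) == s.hashCode()));
        try {
            checkedHash(s);
            System.out.println("no overflow");
        } catch (ArithmeticException e) {
            System.out.println("benign overflow flagged: " + e.getMessage());
        }
        int count = 1 << 20, elementSize = 1 << 12;   // product is 2^32: wraps to 0
        System.out.println("wrapping size: " + (count * elementSize));
        try {
            checkedBufferSize(count, elementSize);
        } catch (ArithmeticException e) {
            System.out.println("injurious overflow caught: " + e.getMessage());
        }
    }
}
```

Running it shows the hash agreeing with String.hashCode() while the checked version throws, and the size computation wrapping to 0 while its checked form throws; the program cannot tell the two overflows apart, which is exactly why the distinction has to live in the code rather than in the VM.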
