| > I'd prefer to catch such errors at compile-time. I don't believe it's possible. These integers often come from user input, disk, or network. The compiler can't validate these simply because it doesn't have the data. Even when possible, it's insanely complicated and computationally expensive to catch at compile time, yet very simple at runtime. Runtime performance overhead is very small because branch prediction is quite efficient on modern CPUs, these branches are almost never taken, the JIT compiler knows about that, and emits code which will be predicted correctly even when uncached. > if you take it seriously, it works but it is not safe Not sure I follow. Let's pretend I am taking it reasonably seriously, despite it being an old and unpaid hobby project. Why is it not safe? The Mpeg4 and MKV parsers are written in C#, and compiled with that <CheckForOverflowUnderflow> option set to True. |
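
An added example, not part of the comment above and not code from the commenter's project: a bounds check on an MP4 box whose 64-bit size comes from the file, computed once with wrapping arithmetic and once with overflow checking. The explicit `checked` expression stands in for what `<CheckForOverflowUnderflow>` turns on project-wide; the class name, method names, offsets and header bytes are constructed for illustration.

```csharp
using System;
using System.Buffers.Binary;

static class BoxBoundsDemo
{
    // Wrapping arithmetic: a huge attacker-chosen size makes 'end' wrap to a
    // negative value, so the "does the box fit in the file" test passes.
    static bool FitsUnchecked(long offset, ulong size, long fileLength)
    {
        long end = unchecked(offset + (long)size);
        return end <= fileLength;
    }

    // Overflow-checked arithmetic: both the ulong -> long conversion and the
    // addition throw OverflowException instead of wrapping.
    static bool FitsChecked(long offset, ulong size, long fileLength)
    {
        long end = checked(offset + (long)size);
        return end <= fileLength;
    }

    static void Main()
    {
        // Constructed box header: 32-bit size field == 1 means a 64-bit
        // "largesize" follows the four-character type ("mdat" here).
        byte[] header =
        {
            0x00, 0x00, 0x00, 0x01, (byte)'m', (byte)'d', (byte)'a', (byte)'t',
            0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xF0
        };
        ulong size = BinaryPrimitives.ReadUInt64BigEndian(header.AsSpan(8));

        long offset = 4096;          // constructed position of the box in the file
        long fileLength = 1_000_000; // constructed file length

        Console.WriteLine($"unchecked: box accepted = {FitsUnchecked(offset, size, fileLength)}");

        try
        {
            Console.WriteLine($"checked: box accepted = {FitsChecked(offset, size, fileLength)}");
        }
        catch (OverflowException)
        {
            // The parser can treat this like any other malformed-file error.
            Console.WriteLine("checked: rejected, size field overflows the offset computation");
        }
    }
}
```

The check runs at the point where the untrusted value is used, which is why it needs no knowledge of the input at compile time.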