[rust-dev] Appeal for CORRECT, capable, future-proof math, pre-1.0

james james at mansionfamily.plus.com
Sun Jan 12 05:23:57 PST 2014


On 11/01/2014 22:38, Owen Shepherd wrote:
> I agree, however, I feel that the names like "i32" and "u32" should be 
> trap-on-overflow types. The non overflow ones should be "i32w" 
> (wrapping) or similar.
>
> Why? Because I expect that otherwise people will default to the 
> wrapping types. Less typing. "It'll never be a security issue", or 
> "Looks safe to me", etc, etc. Secure by default is a good thing, IMO

I don't think making 'i32' have different semantics by default from 
int32_t (or from the 'i32' typedef most of us will have used for years) 
is a good idea in a wannabe systems programming language.  It is too 
surprising.

There might be a good case for having a pragma control some 'check for 
overflow' in a paranoid test mode, but I think that most programmers, 
most of the time, will expect 2's complement arithmetic 'as usual'.
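
The two behaviours debated in this thread, side by side on a bounds check, as an added example that is not part of either poster's message. It uses the `wrapping_add` and `checked_add` methods of today's Rust standard library; the function names and the sample offsets are constructed for illustration.

```rust
/// Bounds check using explicit 2's complement wrapping ("as usual" semantics).
/// If offset + len exceeds u32::MAX the sum wraps to a small value and passes.
fn in_bounds_wrapping(offset: u32, len: u32, buf_len: u32) -> bool {
    offset.wrapping_add(len) <= buf_len
}

/// Same check with overflow treated as an error (the "trap" behaviour,
/// expressed here as a None result instead of a panic).
fn in_bounds_checked(offset: u32, len: u32, buf_len: u32) -> bool {
    match offset.checked_add(len) {
        Some(end) => end <= buf_len,
        None => false, // the sum does not fit in u32: reject the request
    }
}

/// Hypothetical helper: return the requested range only if the arithmetic
/// did not overflow and the range lies inside the buffer.
fn read_range(buf: &[u8], offset: u32, len: u32) -> Option<&[u8]> {
    let end = offset.checked_add(len)?;
    buf.get(offset as usize..end as usize)
}

fn main() {
    let buf = [0u8; 64];
    // Constructed (offset, len) pairs: in range, past the end, overflowing.
    let cases = [(8u32, 16u32), (60, 8), (0xFFFF_FFF0, 0x20)];
    for &(offset, len) in cases.iter() {
        println!(
            "offset={:#x} len={:#x} wrapping_ok={} checked_ok={} slice_len={:?}",
            offset,
            len,
            in_bounds_wrapping(offset, len, buf.len() as u32),
            in_bounds_checked(offset, len, buf.len() as u32),
            read_range(&buf, offset, len).map(|s| s.len())
        );
    }
}
```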
