[rust-dev] Integer overflow, round -2147483648

Gregory Maxwell gmaxwell at gmail.com
Mon Jun 23 13:00:08 PDT 2014


On Mon, Jun 23, 2014 at 12:50 PM, Daniel Micay <danielmicay at gmail.com> wrote:
> The discussion here is about checking for both signed / unsigned integer
> overflow, as in passing both `-fsanitize=signed-integer-overflow` and
> `-fsanitize=unsigned-integer-overflow`. Rust has defined signed overflow
> already so it doesn't make sense to just check for that.

The undefinedness of just signed overflow in C has shown itself to be
useful from a performance perspective and, paradoxically now that
better testing tools exist, from a correctness perspective.

I think a lot of the discussion here has been about having checked types
and making them a default, not in forcing all possible usage into
them. If only making the signed type checked had much better
performance characteristics then it ought to be considered.

John was kind enough to post numbers for each of many microbenchmarks
instead of a range. Beyond the signed vs signed+unsigned do you have
any additional idea why his numbers would be lower than yours?

