[rust-dev] Integer overflow, round -2147483648

Robert O'Callahan robert at ocallahan.org
Tue Jun 24 21:58:07 PDT 2014


On Wed, Jun 25, 2014 at 6:58 AM, Daniel Micay <danielmicay at gmail.com> wrote:

> Rust has been consistently opposed to adding compiler switches changing
> the meaning of the code. The metadata belongs *in the code* itself, and
> you are free to flip wrapping on/off for whatever reason in the code
> itself.
>

If, for performance reasons, a developer tells the compiler it can assume
certain integer arithmetic operations do not overflow at run-time, that
does not change the meaning of the code.

So, let's define the semantics of integer arithmetic as non-wrapping by
default. Disable run-time overflow checks in default build configurations.
Add Swift-style explicit wrapping operators.

This would give us the immediate benefits Greg pointed out: debug builds
and analysis tools become more effective at finding overflow bugs, because
we would have distinguished acceptable from erroneous overflow at the
language level. This would also make it possible to enable run-time integer
overflow checking by individual projects or developers, or by default in
some future version of Rust, with minimal compatibility impact.

Rob
-- 
Jtehsauts  tshaei dS,o n" Wohfy  Mdaon  yhoaus  eanuttehrotraiitny  eovni
le atrhtohu gthot sf oirng iyvoeu rs ihnesa.r"t sS?o  Whhei csha iids  teoa
stiheer :p atroa lsyazye,d  'mYaonu,r  "sGients  uapr,e  tfaokreg iyvoeunr,
'm aotr  atnod  sgaoy ,h o'mGee.t"  uTph eann dt hwea lmka'n?  gBoutt  uIp
waanndt  wyeonut  thoo mken.o w
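
The distinction the message draws between acceptable and erroneous overflow, as an added illustration that is not part of the original message. It uses present-day Rust standard-library methods (`wrapping_mul`, `checked_mul`, `checked_add`, `wrapping_add`) rather than the operators proposed in the thread; the function names and sample values are constructed for this example.

```rust
// Added illustration, not code from the original message.

/// FNV-1a hash: overflow is part of the algorithm, so the wrap is
/// written out explicitly and a checker has nothing to report.
pub fn fnv1a(data: &[u8]) -> u32 {
    let mut h: u32 = 0x811c_9dc5; // FNV offset basis
    for &b in data {
        h ^= b as u32;
        h = h.wrapping_mul(0x0100_0193); // FNV prime; wrap is intended
    }
    h
}

/// Bytes needed for `count` records of `record_len` bytes plus a header.
/// Overflow here is a bug, so it is reported instead of wrapping.
pub fn buffer_size(count: u32, record_len: u32, header: u32) -> Option<u32> {
    count.checked_mul(record_len)?.checked_add(header)
}

/// The same computation when overflow silently wraps: the result can be
/// far smaller than the data that will later be written into the buffer.
pub fn buffer_size_wrapping(count: u32, record_len: u32, header: u32) -> u32 {
    count.wrapping_mul(record_len).wrapping_add(header)
}

fn main() {
    // Constructed sample inputs.
    println!("fnv1a(\"a\")       = {:#010x}", fnv1a(b"a"));
    println!("checked, small   = {:?}", buffer_size(10, 4, 16));
    println!("checked, huge    = {:?}", buffer_size(0x4000_0001, 4, 16));
    println!("wrapping, huge   = {}", buffer_size_wrapping(0x4000_0001, 4, 16));
}
```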