It's meant to bother people. It was intended to add friction to depending on wrapping and to keep people aware that it's a bug to have unmarked overflows. The language can't accept the significant cost of having overflow checks enabled by default today but wants to do it later.
Unfortunate indeed. I hope feedback has been given to hardware vendors. Thanks for the explanation!
-
-
MIPS has trapping versions of the arithmetic instructions so it avoids extra code size but that would likely still have a fair bit of overhead in a modern CPU and the compiler would still miss optimizations. A lot of work needs to be done to eliminate the overhead.
-
Maybe the RISC-V community would be open for suggestions. Also, would you happen to have pointers to the performance analysis that has been done? Just out of curiosity.
-
It's spread out over a lot of threads, issues, etc. and it was a couple years ago so I don't have links handy. The overhead at the hardware level ends up being 3-10% in most cases, but missed optimizations like loop unrolling, vectorization, etc. can make it far larger.
-
I haven't read http://huonw.github.io/blog/2016/04/myths-and-legends-about-integer-overflow-in-rust/ … for a long time but I think it's probably a good overview.
-
Integer overflows are also much more dangerous in C (and unsafe Rust) where it instantly turns into a buffer overflow vs. normal Rust code where that can't happen. It makes it harder to justify a significant cost (i.e. in the ballpark of 10%, but varying a huge amount).
-
Logic errors involving integer overflow are definitely a problem, but not quite the same as pervasive heap overflows, etc. caused by them. That part is at least contained to unsafe code in Rust. Lots of that is for data structures where int overflow -> heap overflow is common.
-
Google adopted -fsanitize=integer -fsanitize-trap=integer for hardening C and C++ code in Android and the performance cost is definitely constraining / guiding their usage. That's a bit lighter than the checks in Rust since there's no unique error and it doesn't unwind.
-
Microsoft started using a SafeInt class internally for their C++ code, which detects overflow. They just paid the performance price.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.