(3) Overflow checking is rarely used in practice due to the performance costs associated with it. ISAs aren't that well-suited for overflow checking. For example, on the x86 one has to test for the overflow and/or carry flag after every integer operation that could possibly set it. Contrast this with the floating-point situation, in which a SIGFPE is raised on overflow without having to explicitly test after each instruction.
Enabling floating-point exceptions is expensive too. On the CPU side it needs to flush pipelines and undo things that executed out of order. On the compiler side it makes it a lot harder to vectorize, since just changing the code from scalar to vectors would change the semantics if an element in the middle of the vector overflows.
http://www.cert.org/archive/pdf/09tn023.pdf

They managed to get quite impressive numbers: under 6% slowdown using their As-If-Infinitely-Ranged model on GCC -O3. The trick is to delay overflow checking to "observation points", which roughly correspond to state being updated or I/O being performed (there's an interesting connection between this and the operations that made a function "impure" in the previous effect system).

This area seems promising enough that I was wondering if there was interest in something like this for Rust. There's no harm in having the programmer explicitly be able to turn off the checking at the block or item level; some algorithms, such as hashing algorithms, rely on the overflow semantics, after all. But it seems in the spirit of Rust (at the risk of relying on a nebulous term) to be as safe as possible by default, and so I'd like to propose exploring opt-out overflow checking for integers at some point in the future. Thoughts?
Please turn it off by default for user code. As in C++, we probably have to do overflow checks when the compiler introduces arithmetic operations (like operator new in C++). There is some code for doing it in here: http://blog.regehr.org/archives/508
Patrick
Cheers, Rafael
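The two cases raised in the thread, side by side, as an added example that is not part of either message and not the proposal under discussion: an allocation-size multiply where a wrapped result must be rejected, and a hash (32-bit FNV-1a, chosen here for illustration) that relies on wrapping. It uses present-day Rust's standard `checked_mul` and `wrapping_mul`; the function names and sample values are assumptions made for the example.

```rust
// Added illustration; function names and sample values are constructed here.

/// Size computation of the kind an allocator performs for `count` elements
/// of `elem_size` bytes. A wrapped product would under-allocate, so an
/// overflow is reported as `None` instead of a truncated size.
fn alloc_size(count: usize, elem_size: usize) -> Option<usize> {
    count.checked_mul(elem_size)
}

/// The same computation with wrapping semantics, shown only to expose the
/// silently truncated result that the check above catches.
fn alloc_size_wrapping(count: usize, elem_size: usize) -> usize {
    count.wrapping_mul(elem_size)
}

/// 32-bit FNV-1a. The multiply is defined modulo 2^32, so the algorithm
/// opts out of overflow checking explicitly with `wrapping_mul`.
fn fnv1a_32(data: &[u8]) -> u32 {
    let mut hash: u32 = 0x811c_9dc5; // FNV offset basis
    for &byte in data {
        hash ^= u32::from(byte);
        hash = hash.wrapping_mul(0x0100_0193); // FNV prime
    }
    hash
}

fn main() {
    // Constructed element count whose product with 16 exceeds usize::MAX.
    let count = usize::MAX / 8 + 2;
    println!("checked:  {:?}", alloc_size(count, 16));
    println!("wrapping: {}", alloc_size_wrapping(count, 16));
    println!("fnv1a(\"a\") = {:#010x}", fnv1a_32(b"a"));
}
```

The wrapped size is a small, plausible-looking number, which is why the unchecked form is dangerous when it feeds an allocation.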
