Reputation: 338
What happens in Rust programming language when an integer arithmetic operation overflows?
As far as I know, in C programming language(and many C - based languages), when an arithmetic operation overflows over an N-bit integer, this overflow shortens the result to modulo N-th power of 2, retaining only the LSB's of the resultant.
What happens when such an integer arithmetic operation overflows in Rust programming language.
Upvotes: 9
Views: 1775
Answers (2)
Reputation: 3669
From the Rust Reference, chapter "Behavior not considered unsafe":
Integer oveflow
If a program contains arithmetic overflow, the programmer has made an error. In the following discussion, we maintain a distinction between arithmetic overflow and wrapping arithmetic. The first is erroneous, while the second is intentional.
When the programmer has enabled
debug_assert!assertions (for example, by enabling a non-optimized build), implementations must insert dynamic checks thatpanicon overflow. Other kinds of builds may result inpanicsor silently wrapped values on overflow, at the implementation's discretion.In the case of implicitly-wrapped overflow, implementations must provide well-defined (even if still considered erroneous) results by using two's complement overflow conventions.
The integral types provide inherent methods to allow programmers explicitly to perform wrapping arithmetic. For example,
i32::wrapping_addprovides two's complement, wrapping addition.The standard library also provides a
Wrapping<T>newtype which ensures all standard arithmetic operations forThave wrapping semantics.See RFC 560 for error conditions, rationale, and more details about integer overflow.
So, depending on your compiler settings, your program may panic or silently wrap when overflowing. Depending on either of those behaviors is not a good idea. If you need to handle the possibility of overflow, use either wrapping functions to explicitely tell the compiler that you want and expect overflows to wrap back, or use checked methods like u32::checked_add to handle overflow manually.
Upvotes: 6
Reputation: 1732
When you’re compiling in debug mode, Rust includes checks for integer overflow that cause your program to panic at runtime if this behavior occurs.
When you’re compiling in release mode with the --release flag, Rust does not include checks for integer overflow that cause panics. For signed values the result is based on two's complement wrapping. For unsigned values the result is modulo the maximum value of the type + 1.
The standard library has a number of functions for more control over what should happen in an overflow case, e.g., checked_add, wrapping_add, and some other variations.
If you haven't already, I suggest reading The Rust Programming Language, which has a section addressing this specifically.
Upvotes: 12
Related Questions
- How can integer overflow protection be turned off?
- Is signed integer overflow in safe Rust in release mode considered as undefined behavior?
- Multiply with overflow: Rust Runtime error
- How do I return a flag on integer overflow in Rust?
- How do you check if an arithmetic operation will overflow?
- Why does repeated multiplication panic due to overflow in debug mode, when it outputs only zeroes in release mode?
- Integer operation with boundary when overflow in Rust
- Arithmetic overflow expected but does not occur
- Unsigned integer overflow in Rust
- Chaining checked arithmetic operations in Rust