Implement strict integer operations that panic on overflow #116090
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
r? @m-ou-se (rustbot has picked a reviewer for you, use r? to override) |
rustbot
added
S-waiting-on-review
|
All of the exposed methods should probably be |
|
☔ The latest upstream changes (presumably #116176) made this pull request unmergeable. Please resolve the merge conflicts. |
|
☔ The latest upstream changes (presumably #117482) made this pull request unmergeable. Please resolve the merge conflicts. |
|
cc @RalfJung (I didn't know if you were aware of this PR) |
RalfJung
reviewed
Nov 24, 2023
library/core/src/num/int_macros.rs
Outdated
| /// #![feature(strict_overflow_ops)] | ||
| #[doc = concat!("let _ = (", stringify!($SelfT), "::MAX - 2).strict_add(3);")] | ||
| /// ``` | ||
| #[unstable(feature = "strict_overflow_ops", issue = "116064")] |
There was a problem hiding this comment.
It's probably better to create a new tracking issue for this, with the tracking issue template.
There was a problem hiding this comment.
Good point, I created #118260.
6 tasks
m-ou-se
reviewed
Nov 28, 2023
library/core/src/num/int_macros.rs
Outdated
| /// | ||
| /// ## Overflow behavior | ||
| /// | ||
| /// This function will always panic on overflow, regardless of if overflow checks are enabled. |
There was a problem hiding this comment.
Suggested change
| /// This function will always panic on overflow, regardless of if overflow checks are enabled. | |
| /// This function will always panic on overflow, regardless of whether overflow checks are enabled. |
There was a problem hiding this comment.
It'd be useful to add a comment to this file to note that these functions are used by the strict_ methods.
There was a problem hiding this comment.
@RalfJung How would you feel about removing the descriptions from rustc_middle and instead of calling the panic lang item, making each of the functions below a lang item and calling those? (In a follow-up PR.)
There was a problem hiding this comment.
I think description is used in a bunch of places where we really need a string, e.g. for MIR dumping.
But if there's some way to reduce the redundancy here, I'm all for it. This duplication of the panic message in 3 or 4 places has bothered me for a while, I just never found a great way to fix it.
library/core/src/num/int_macros.rs
Outdated
| #[track_caller] | ||
| pub const fn strict_add(self, rhs: Self) -> Self { | ||
| let (a, b) = self.overflowing_add(rhs); | ||
| if unlikely!(b) {overflow_panic::add()} else {a} |
There was a problem hiding this comment.
Suggested change
| if unlikely!(b) {overflow_panic::add()} else {a} | |
| if unlikely!(b) { overflow_panic::add() } else { a } |
m-ou-se
added
S-waiting-on-author
|
@rustbot review |
rustbot
added
S-waiting-on-review
|
@m-ou-se just a reminder that there's a PR waiting for review here :) |
|
@bors r+ |
bors
added
S-waiting-on-bors
GuillaumeGomez
added a commit
to GuillaumeGomez/rust
that referenced
this pull request
Jan 20, 2024
…u-se Implement strict integer operations that panic on overflow This PR implements the first part of the ACP for adding panic on overflow style arithmetic operations (rust-lang/libs-team#270), mentioned in rust-lang#116064. It adds the following operations on both signed and unsigned integers: - `strict_add` - `strict_sub` - `strict_mul` - `strict_div` - `strict_div_euclid` - `strict_rem` - `strict_rem_euclid` - `strict_neg` - `strict_shl` - `strict_shr` - `strict_pow` Additionally, signed integers have: - `strict_add_unsigned` - `strict_sub_unsigned` - `strict_abs` And unsigned integers have: - `strict_add_signed` The `div` and `rem` operations are the same as normal division and remainder but are added for completeness similar to the corresponding `wrapping_*` operations. I'm not sure if I missed any operations, I basically found them from the `wrapping_*` and `checked_*` operations on both integer types.
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Jan 21, 2024
Rollup of 8 pull requests Successful merges: - rust-lang#116090 (Implement strict integer operations that panic on overflow) - rust-lang#118811 (Use `bool` instead of `PartiolOrd` as return value of the comparison closure in `{slice,Iteraotr}::is_sorted_by`) - rust-lang#119081 (Add Ipv6Addr::is_ipv4_mapped) - rust-lang#119461 (Use an interpreter in MIR jump threading) - rust-lang#119996 (Move OS String implementation into `sys`) - rust-lang#120015 (coverage: Format all coverage tests with `rustfmt`) - rust-lang#120027 (pattern_analysis: Remove `Ty: Copy` bound) - rust-lang#120084 (fix(rust-analyzer): use new pkgid spec to compare) r? `@ghost` `@rustbot` modify labels: rollup
rust-timer
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Jan 21, 2024
Rollup merge of rust-lang#116090 - rmehri01:strict_integer_ops, r=m-ou-se Implement strict integer operations that panic on overflow This PR implements the first part of the ACP for adding panic on overflow style arithmetic operations (rust-lang/libs-team#270), mentioned in rust-lang#116064. It adds the following operations on both signed and unsigned integers: - `strict_add` - `strict_sub` - `strict_mul` - `strict_div` - `strict_div_euclid` - `strict_rem` - `strict_rem_euclid` - `strict_neg` - `strict_shl` - `strict_shr` - `strict_pow` Additionally, signed integers have: - `strict_add_unsigned` - `strict_sub_unsigned` - `strict_abs` And unsigned integers have: - `strict_add_signed` The `div` and `rem` operations are the same as normal division and remainder but are added for completeness similar to the corresponding `wrapping_*` operations. I'm not sure if I missed any operations, I basically found them from the `wrapping_*` and `checked_*` operations on both integer types.
GuillaumeGomez
added a commit
to GuillaumeGomez/rust
that referenced
this pull request
Jul 20, 2025
Add `uX::strict_sub_signed` rust-lang#116090 missed `strict_sub_signed`, adding it here. Part of rust-lang#118260. r? `@m-ou-se`
GuillaumeGomez
added a commit
to GuillaumeGomez/rust
that referenced
this pull request
Jul 20, 2025
Add `uX::strict_sub_signed` rust-lang#116090 missed `strict_sub_signed`, adding it here. Part of rust-lang#118260. r? ``@m-ou-se``
rust-timer
added a commit
that referenced
this pull request
Jul 20, 2025
github-actions bot
pushed a commit
to rust-lang/rustc-dev-guide
that referenced
this pull request
Jul 21, 2025
Add `uX::strict_sub_signed` rust-lang/rust#116090 missed `strict_sub_signed`, adding it here. Part of rust-lang/rust#118260. r? ``@m-ou-se``
github-actions bot
pushed a commit
to rust-lang/miri
that referenced
this pull request
Jul 21, 2025
Add `uX::strict_sub_signed` rust-lang/rust#116090 missed `strict_sub_signed`, adding it here. Part of rust-lang/rust#118260. r? ``@m-ou-se``
Muscraft
pushed a commit
to Muscraft/rust
that referenced
this pull request
Jul 21, 2025
Add `uX::strict_sub_signed` rust-lang#116090 missed `strict_sub_signed`, adding it here. Part of rust-lang#118260. r? ``@m-ou-se``
github-actions bot
pushed a commit
to model-checking/verify-rust-std
that referenced
this pull request
Jul 29, 2025
Add `uX::strict_sub_signed` rust-lang#116090 missed `strict_sub_signed`, adding it here. Part of rust-lang#118260. r? ``@m-ou-se``
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR implements the first part of the ACP for adding panic on overflow style arithmetic operations (rust-lang/libs-team#270), mentioned in #116064.
It adds the following operations on both signed and unsigned integers:
strict_addstrict_substrict_mulstrict_divstrict_div_euclidstrict_remstrict_rem_euclidstrict_negstrict_shlstrict_shrstrict_powAdditionally, signed integers have:
strict_add_unsignedstrict_sub_unsignedstrict_absAnd unsigned integers have:
strict_add_signedThe
divandremoperations are the same as normal division and remainder but are added for completeness similar to the correspondingwrapping_*operations.I'm not sure if I missed any operations, I basically found them from the
wrapping_*andchecked_*operations on both integer types.