-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
integer arithmetic overflow #855
Comments
Note that by "compiler switch", I just mean a command-line option that choses between different sets of definitions for core integer arithmetic. Kind of awesome that that's all this takes to change the way core arithmetic works. |
Is this still relevant, or does the commit fix it? FYI, I recently added a "morebits" function to make it easier to write code that avoids integer multiplication overflow (used in |
The commit 54e40e3 appears to address (1), but not (2) or (3). |
There are also those who would prefer saturation arithmetic instead of overflow. At least that's what Matlab users get. |
Can we do this without a compiler switch? At the risk of code bloat, how about a SafeInt type? |
There are multiple features here; the purpose of the switch is to instrument all code for debugging. If you know ahead of time that certain numbers or certain operations need to handle overflow somehow, then you want a separate mechanism for that. |
Please, clarify whether the following behaviour is related to this issue or should be reported as a new one:
But
It's rather confusing, isn't it?
Thanks. |
|
That behavior is very much intentional and working as intended. Julia currently always uses native machine arithmetic. This issue is to allow some sort of command-line or compilation switch to change that behavior, but native arithmetic will almost certainly always be the default. There's a very good explanation in the documentation on why Julia uses native machine integer arithmetic. It discusses this very clearly. The behavior of |
@mbauman, thanks for your explanations. The FAQ is also great. Now I understand,the behavior is adequate. |
At JuliaCon, part of the presentation on Speed vs. Correctness discussed integer overflow and there were some interesting ideas thrown around such as: # a @checked macro that would expose the LLVM overflow flag for an arithmetic operation
ans, flag = @checked 1 + 1
# alternatively, it could be used around a whole block of code that would indicated
# if *any* of the code in the block set the LLVM overflow flag
flag = @checked begin
# lots of various
# arithmetic operations here
end |
@Keno Where does that |
@ScottPJones "I'm interested in using a checked version of the arithmetic, because for certain financial and medical applications, I think doing unchecked arithmetic can be legally dangerous." This issue is only about integer overflows. Should be easy enough to do as a separate type (BigInt is also an option), that could be built out of regular integers (or even from below or binary floating point..): See also: https://github.com/stevengj/DecFP.jl [Seems you have to call xchk to check for overflow to get it thrown. [I'm not sure, I think ordinary binary floating point may be similar.]] This one is arbitrary precision.. so you wouldn't get overflows.. only possibly out-of-memory errors: |
@PallHaraldsson: Please do not comment on issues like this to offer your two cents. You are e-mailing dozens of people unnecessarily. |
I recently got bitten several times by accidental integer overflow. I implemented My motivation is:
|
@eschnett, are you saying you want something dynamically scoped? I don't think we can do that right now because there are legitimate usages of overflow, e.g. the classic |
@StefanKarpinski No, I'm thinking of static scoping. The Over time, I can also imagine explicitly annotating all places where overflow is expected and harmless; this would then allow using a command-line option to switch over all of Julia. |
What, if anything, should we do for 1.0 here? Seems like it can be moved out of the milestone. |
Seems like some folks want a way to turn this on for all arithmetic operations, which formerly might have meant a new startup flag eval(Base, quote
(+)(x::T, y::T) where {T<:BitInteger} = checked_add(x, y)
end) results in a StackOverflow due to the use of an increment in tuple iteration/destructuring. I suspect it could be resolved by having tuple iteration call an intrinsic directly, but that's just a guess. Clearly the package would have to be structured with care. |
What you really need to support this is a way to express that you really want to do overflowing arithmetic, e.g. in the classic |
Seems like we're unlikely to change the default behavior, and the rest of the ideas here can be new features, even in packages --- a |
Just one question: How difficult / feasible / sensible is to implement the following: Add a macro so that every integer operation that will overflow has their arguments promoted to a Integer representation with a higher bit number before execution? So, if I am using in my code things like: f = C1*Δt^2 + C2*Δt^3 where the user can pass a very big integer number to |
It's easy but all your code will be very slow. |
There's a package that does the opposite — SaferIntegers.jl. It adds overflow checks and errors. It also has a macro to convert literals to "safe" integers that error on overflow ( |
This seems closable. |
To deal with integer arithmetic overflow we do the following:
checked_add
,checked_mul
, etc.@check_overflow
macro that transforms an expression to turn*
intochecked_mul
and+
intochecked_add
, etc., but only in the expression — called functions are on their own.The text was updated successfully, but these errors were encountered: