Per-module control of overflow checks?

[RalfJung]

For arithmetic that happens inside Miri, I am quite paranoid that we may have an overflow issue, so I spent a lot of time last week-end to go over every occurrence of +/-/* and replace them all by checked_* operations. That has not made code more readable, and I am worried I might have missed some cases.

I am not sure if enabling overflow checks for all of rustc is realistic, so it would be great if that could be controlled on a per-module level: if I could set something like #![enable_overflow_checks] in the interpreter modules, I could sleep much more soundly as I would be sure we'd not have silently overflowing arithmetic -- and I wouldn't have to make the code unreadable by turning (x * 2) + 1 into x.checked_mul(2).unwrap().checked_add(1).unwrap().

Overflow checks are embedded into MIR, and it seems entirely possible to take module-level attributes into account during MIR building, so I think this is realistic.

(I am not sure if this should go into this repo or the RFC repo, feel free to move around.)

[Mark-Simulacrum]

We should probably check what the overhead of turning them on globally inside rustc is; if it's low enough that seems like a good stopgap solution.

But I've definitely wanted this myself before.

[RalfJung]

In Miri I've been setting -C debug-assertions at least for local builds, but I only just realized there is also -C overflow-checks. Does the former imply the latter?

[hanna-kruppe]

Yes, -C debug-assertions=on implies overflow checks. -C overflow-checks was added later to enable overflow checks independently of the other things -C debug-assertions=on implies.