Time to move std.experimental.checkedint to std.checkedint ?

Walter Bright newshound2 at digitalmars.com
Sat Mar 27 03:25:04 UTC 2021


On 3/24/2021 1:28 PM, tsbockman wrote:
> Unchecked integer operations are mostly just a micro-optimization that is 
> pointless outside of very hot code, like inner loops. (It is very puzzling that 
> people consider memory safety so important, and yet are totally disinterested in 
> integer overflow, which can violate memory safety.)

Integer overflow happening should not result in memory safety errors in a safe 
language. It can cause other problems, but not that.

The reasons people don't care that much about integer overflow are:

1. they are not the cause of enough problems to be that concerning

2. 2's complement arithmetic fundamentally relies on it

3. it's hard to have signed and unsigned integer types coexist without 
overflows, and not having unsigned types leads to ugly kludges to get them

4. fast integer arithmetic is fundamental to fast code, not a mere 
micro-optimization. Who wants an overflow check on every pointer increment?

5. size_t is unsigned, and ptrdiff_t is signed. Yet they have to work together.
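
An added example, not part of the original message: a constructed D program in which a wrapped size computation leads to an undersized buffer, and the bounds check in @safe code stops the out-of-range write. It also shows an explicit overflow check using druntime's core.checkedint.mulu rather than std.experimental.checkedint. The function names and input values are assumptions made for the illustration.

```d
// Added illustration; names and values are constructed for this example.
import core.checkedint : mulu;
import core.exception : RangeError;
import std.stdio : writeln;

// Plain multiply: the byte count silently wraps modulo 2^32.
uint wrappedSize(uint count, uint elemSize) @safe
{
    return count * elemSize;
}

// Checked multiply: returns false instead of handing back a wrapped value.
bool checkedSize(uint count, uint elemSize, out uint total) @safe
{
    bool overflow;
    total = mulu(count, elemSize, overflow);
    return !overflow;
}

// Indexing a slice in @safe code is bounds-checked.
void storeByte(ubyte[] buf, size_t offset) @safe
{
    buf[offset] = 0xFF;
}

void main()
{
    enum uint count = 0x4000_0001; // constructed: element count from untrusted input
    enum uint elemSize = 4;

    // 0x4000_0001 * 4 does not fit in 32 bits, so only 4 bytes are allocated.
    immutable size = wrappedSize(count, elemSize);
    writeln("requested elements: ", count, ", allocated bytes: ", size);
    auto buf = new ubyte[](size);

    // Writing the second element (offset 4) is outside the 4-byte buffer.
    // RangeError is an Error, so it is caught here in non-@safe main.
    try
    {
        storeByte(buf, elemSize);
    }
    catch (RangeError e)
    {
        writeln("bounds check stopped the write: ", e.msg);
    }

    // The same request, rejected before any allocation takes place.
    uint total;
    if (!checkedSize(count, elemSize, total))
        writeln("checked multiply reported overflow; request rejected");
}
```

The bounds check applies when the indexing code is @safe and bounds checking has not been disabled with -boundscheck=off.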

