Time to move std.experimental.checkedint to std.checkedint ?
tsbockman
thomas.bockman at gmail.com
Sat Mar 27 07:42:27 UTC 2021
On Saturday, 27 March 2021 at 03:25:04 UTC, Walter Bright wrote:
> The reasons people don't care that much about integer overflow
> are:
>
> 1. they are not the cause of enough problems to be that
> concerning
>
> 2. 2's complement arithmetic fundamentally relies on it
That's an implementation detail. There is no need at either the
software or the hardware level to make it the programmer's
problem by default.
Main memory is addressed as one giant byte array, but we interact
with it through better abstractions most of the time (the stack
and the heap).
> 3. it's hard to have signed and unsigned integer types coexist
> without overflows, and not having unsigned types leads to ugly
> kludges to get them
Correctly mixing signed and unsigned integers is hard for
programmers to consistently get right, but easy for the computer.
That's why the default should be for the computer to do it.
> 4. fast integer arithmetic is fundamental to fast code,
I did benchmarking during the development of checkedint. With
good inlining and optimization, even a library solution generally
slows integer math code down by less than a factor of two. (I
expect a language solution could do even better.)
This is significant, but nowhere near big enough to move the
bottleneck in most code away from I/O, memory, floating-point, or
integer math for which wrapping is semantically correct (like
hashing or encryption). In those cases where integer math code
really is the bottleneck, there are often just a few hot spots
where the automatic checks in some inner loop need to be replaced
with manual checks outside the loop.
> not a mere micro-optimization.
By "micro-optimization" I mean that it does not affect the
asymptotic performance of algorithms, does not matter much
outside of hot spots, and is unlikely to change where the hot
spots are in the average program.
> Who wants an overflow check on every pointer increment?
As with bounds checks, most of the time the compiler should be
able to prove the checks can be skipped, or move them outside the
inner loop. The required logic is very similar.
More information about the Digitalmars-d
mailing list