Safety, undefined behavior, @safe, @trusted
dsimcha
dsimcha at yahoo.com
Thu Nov 5 15:18:44 PST 2009
== Quote from Andrei Alexandrescu (SeeWebsiteForEmail at erdani.org)'s article
> Walter Bright wrote:
> > Jason House wrote:
> >> I posted in the other thread how casting to immutable/shared can be
> >> just as bad. A leaked reference prior to casting to immutable/shared
> >> is in effect the same as casting away shared. No matter how you mix
> >> thread local and shared, or mutable and immutable, you still have the
> >> same undefined behavior
> >
> > Not undefined, it's just that the compiler can't prove it's defined
> > behavior. Hence, such code would go into a trusted function.
> Are we in agreement that @safe functions have bounds checking on
> regardless of -release?
> Andrei
I'd vote for this. I've wanted, for a while, a way to have finer-grained control
over bounds checking anyhow. In non-performance-critical pieces of code it seems
like a no-brainer to leave it on all the time, just to be safe. In
performance-critical code, it's a no-brainer that it has to be turned off after
debugging.
Right now I almost never use bounds checking except when I already know I have a
bug and am trying to find it because it's just too slow. I'd love to have it as a
safety net in the 90+% of my code that isn't performance-critical.
More information about the Digitalmars-d
mailing list