assume, assert, enforce, @safe
Andrei Alexandrescu via Digitalmars-d
digitalmars-d at puremagic.com
Fri Aug 1 07:58:17 PDT 2014
On 8/1/14, 12:40 AM, David Bregman wrote:
> It's not a "position". I'm just giving you the definition of assume so
> you can understand the difference from assert.
After reading your posts I still can't understand what your definition
of "assume" is. Here's what I found:
> assert:
> is a runtime check of the condition.
> is a debugging/correctness checking feature.
> is used when the expression is believed true, but is not proven so.
> (if it was proven, then there is no purpose in asserting it with a redundant runtime check that is guaranteed to never activate.)
>
> assume:
> passes a hint to the optimizer to allow better code generation.
> is used when the expression is proven to be true (by the programmer, like @trusted).
There are a few corrections needed for "assert", i.e. "is a runtime
check of the condition in debug mode". The whole "believed true but not
proven so" is... odd, seeing as assert takes expressions that are
considered tautological within the design, and sometimes provable
automatically (e.g. after inlining).
Anyhow, if "assume" is to be taken at face value the its semantics has
always been what Walter intended for "assert". (Again "proven to be
true" is an eyebrow raiser because when one thinks of "proof" of
semantics of programs one thinks of state analysis or progress and
preservation and such.)
You may dislike what Walter wanted assert to be, but really this has
been it from the beginning. Back in the day when I joined him I
questioned the validity of making "assert" a keyword. He explained that
he wanted it to be magic in the same way he discusses in this thread.
Andrei
More information about the Digitalmars-d
mailing list