assume, assert, enforce, @safe
via Digitalmars-d
digitalmars-d at puremagic.com
Sat Aug 2 02:46:54 PDT 2014
On Friday, 1 August 2014 at 21:50:59 UTC, Jonathan M Davis wrote:
> On Friday, 1 August 2014 at 20:30:19 UTC, Daniel Gibson wrote:
>> Am 01.08.2014 22:16, schrieb eles:
>>> On Friday, 1 August 2014 at 17:43:27 UTC, Timon Gehr wrote:
>>>> On 08/01/2014 07:19 PM, Sebastiaan Koppe wrote:
>>>
>>>> The debug and the release build may be subjected to
>>>> different input
>>>> and hence traverse different traces of abstract states. It
>>>> is not
>>>> valid to say that an assertion will never fail just because
>>>> it hasn't
>>>> failed yet.
>>>
>>> Yes, but is the same for the C apps. There, you have no
>>> assertion in the
>>> release build, the release build is optimized (I imagine very
>>> few would
>>> use -O0 on it...), then the sefault happens.
>>>
>>
>> But there checks are not optimized away because of assert.
>> assert(x != NULL);
>> if(x != NULL) { ... }
>> in C the if check won't be optimized away in NDEBUG builds, in
>> equivalent D code it would, because the assert would make the
>> compiler assume that x will never be NULL at that point.
>
> And why is that a problem? By definition, if an assertion
> fails, your code is in an invalid state,
Only in an ideal world. In practice, the condition in the
assertion could itself be incorrect. It could be a leftover after
a refactoring, for instance.
> and by compiling out assertions, you're basically assuming that
> they all pass, so you're code's already screwed if the
> assertion would have failed had it been compiled in. I don't
> see how having the compiler then use that assertion for
> optimizations really costs you anything. Worst case, it just
> makes already invalid code more invalid. You're screwed
> regardless if the assertion would have failed. And if it would
> have succeeded, then you just got an efficiency boost thanks to
> the assertion.
>
> Thinking about it, I'm actually wondering if I should use
> assertions _more_ so that the compiler might be able to do
> better optimizations in -release. The extra cost in non-release
> builds could be worth that extra boost in -release, and as far
> as correctness goes, it never hurts to have more assertions.
>
> - Jonathan M Davis
More information about the Digitalmars-d
mailing list