assume, assert, enforce, @safe

David Nadlinger via Digitalmars-d digitalmars-d at puremagic.com
Thu Jul 31 13:33:49 PDT 2014


On Thursday, 31 July 2014 at 19:03:14 UTC, Walter Bright wrote:
> On 7/31/2014 3:24 AM, ponce wrote:
>> On Thursday, 31 July 2014 at 09:13:53 UTC, Walter Bright wrote:
>>> It says more than that:
>>>
>>> "The expression assert(0) is a special case; it signifies that it is
>>> unreachable code. Either AssertError is thrown at runtime if it is reachable,
>>> or the execution is halted (on the x86 processor, a HLT instruction can be
>>> used to halt execution). The optimization and code generation phases of
>>> compilation may assume that it is unreachable code."
>>>
>>>  -- http://dlang.org/expression.html#AssertExpression
>>
>> You said "the compiler won't remove it".
>
> Right, and it doesn't.

This is in direct contradiction to the quoted spec excerpt. If 
the backend can assume that something is unreachable code, why on 
earth should it need to actually emit that code? A small example:

---
void foo(int a) {
    if (a == 42) assert(0);
    // Do something else.
}
---

If the compiler is free to assume that the assert is unreachable, 
please explain to me what stops it from inferring that the branch 
is never taken and transforming the example to the equivalent of:

---
void foo(int a) {
    // Do something else.
}
---

LDC would do this today if we implemented the regarding assuming 
unreachability (we currently emit a halt – actually a ud2 trap on 
x86 – instead).

I've had the questionable pleasure of tracking down a couple of 
related issues in LLVM and the LDC codegen, so please take my 
word for it: Requiring any particular behavior such as halting in 
a case that can be assumed to be unreachable is at odds with how 
the term "unreachable" is used in the wild – at least in projects 
like GCC and LLVM.

Cheers,
David
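
Added example, not part of the original post: the two readings of "unreachable" discussed above, written in C with the GCC/Clang builtins `__builtin_trap()` and `__builtin_unreachable()`. The function names and the fork-based helper are illustrative assumptions; `foo_assume` is only ever called with inputs for which its behaviour is defined.

```c
/* Added example (C, GCC/Clang builtins); not code from the original post. */
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* "Halt" semantics: the trap is real code the compiler must keep
   (ud2 on x86), like what the post says LDC emits for assert(0). */
int foo_trap(int a) {
    if (a == 42) __builtin_trap();
    return a + 1;               /* stands in for "Do something else." */
}

/* "Assume unreachable" semantics: the optimizer may conclude a != 42 and
   drop the compare and branch, so calling this with 42 is undefined. */
int foo_assume(int a) {
    if (a == 42) __builtin_unreachable();
    return a + 1;
}

/* Run f(arg) in a child process.
   Returns 1 if the child was killed by a signal, 0 if it exited, -1 on error. */
int dies_by_signal(int (*f)(int), int arg) {
    fflush(NULL);               /* avoid duplicated stdio buffers in the child */
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        volatile int r = f(arg);
        (void)r;
        _exit(0);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? 1 : 0;
}

int main(void) {
    printf("foo_trap(42) killed by signal: %d\n", dies_by_signal(foo_trap, 42));
    printf("foo_trap(7)  killed by signal: %d\n", dies_by_signal(foo_trap, 7));
    /* foo_assume is only called where its behaviour is defined. */
    printf("foo_assume(7) = %d\n", foo_assume(7));
    return 0;
}
```

Compiling both functions with optimization and comparing the generated assembly shows whether the `a == 42` compare survives in each.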

