assume, assert, enforce, @safe
H. S. Teoh via Digitalmars-d
digitalmars-d at puremagic.com
Thu Jul 31 18:37:55 PDT 2014
On Thu, Jul 31, 2014 at 06:19:59PM -0700, Walter Bright via Digitalmars-d wrote:
> On 7/31/2014 3:07 PM, David Bregman wrote:
[...]
> >I would think the easiest way is to just not inject the assumption
> >when inside @safe code, but I don't know anything about the compiler
> >internals.
> >
> >Even for @system code, I'm on the fence about whether asserts should
> >affect codegen in release, it doesn't seem like a clear tradeoff to
> >make: safety vs some dubious optimization gains.
>
> So why do you want assume() with no checking whatsoever? Does anybody
> want that? Why are we even discussing such a misfeature?
[...]
Yikes. That sounds *really* scary. If assume() doesn't insert any
checks, and yet the compiler's optimizer takes it as truth, it leads to
horrible consequences like:
int add(int x, int y) {
assume(x + y == x - y);
return x + y; // what does this do?!
}
At least, if assume() inserts checks, blatantly ridiculous things like
the above will quickly and frequently cause runtime aborts, instead of
directing the optimizer to do obviously wrong things that are
untraceable from the actual code. But if we do that, then assume()
starts to sound more and more like assert()...
T
--
Bomb technician: If I'm running, try to keep up.
More information about the Digitalmars-d
mailing list