Bad array indexing is considered deadly

Steven Schveighoffer via Digitalmars-d digitalmars-d at puremagic.com
Fri Jun 2 06:43:39 PDT 2017


On 6/2/17 9:00 AM, Arafel wrote:
> On 06/02/2017 02:12 PM, Steven Schveighoffer wrote:
>>> Perhaps an intermediate solution would be to offer a compiler switch
>>> that allows Errors to be safely caught (that is, they behave as
>>> exceptions). As far as I understand from reading this thread, that's
>>> already the case in debug builds, so it cannot be that bad practice, but
>>> it would be nice to have a mode that it's otherwise "release", only with
>>> this feature turned on.
>>
>> I don't think this is workable, simply because of nothrow. An Error is
>> allowed to be thrown in nothrow code, and the compiler can
>> simultaneously assume that nothrow functions won't throw. Therefore it
>> can legally omit the scaffolding for deallocating scope variables when
>> an Exception is thrown (for performance reasons), and leave your
>> program in an invalid state.
>>
>
> Well, as I understood from this thread this is already possible in debug
> mode:
>
>> An Exception leads to unwinding&cleanup, an Error to termination (with
>> unwinding&cleanup in debug mode for debugging purposes).
>
> If it is indeed so, then adding a switch that only removes this
> optimization (from @nothrow code) but is otherwise a release version
> shouldn't be too hard to implement? Even if not, making @nothrow a no-op
> w.r.t. unwinding should still be possible and not too hard (sorry if I'm
> being naïve here, I don't know how hard it would be to implement, but
> conceptually it seems straightforward).
>
> Of course, one must be willing to take the performance hit.

Yes, of course. This is a non-starter if you need to compile release 
mode (and you do, my relatively small app is 47MB in debug mode, 20MB in 
release mode, and I can't imagine performance doing very well).

-Steve
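As an added illustration that is not part of this thread, the following D program shows the hazard Steve describes: a `nothrow` function that raises an Error (here a bounds-check failure) while it holds a resource guarded by `scope(exit)`. Because `nothrow` permits the compiler to assume no unwinding will ever pass through the function, whether that cleanup runs after the Error is caught is an implementation detail of the compiler and build flags, not something the language guarantees. The names `openHandles`, `useResource` and the sample buffer are assumptions of this example.

```d
// Added example, not code from the mailing-list thread.
// Demonstrates why catching an Error that escaped nothrow code leaves
// program state unreliable: cleanup in the nothrow frame may be skipped.
import std.stdio : writeln;
import core.exception : RangeError;

// Hypothetical resource counter; a leak shows up as a non-zero value.
int openHandles = 0;

// @safe keeps the bounds check active even under -release, so the
// out-of-range index below raises a RangeError rather than corrupting memory.
void useResource(int[] data, size_t idx) @safe nothrow
{
    openHandles++;
    scope(exit) openHandles--;   // cleanup the compiler is allowed to omit on an Error
    data[idx] = 42;              // out of bounds -> RangeError (an Error, legal in nothrow)
}

void main()
{
    int[] buf = new int[4];      // constructed sample buffer of length 4
    try
    {
        useResource(buf, 10);    // index 10 is out of range
    }
    catch (RangeError e)
    {
        // Nothing here is guaranteed: the frame of useResource may or may not
        // have been unwound, so openHandles may read 0 or 1 depending on the
        // compiler and flags used.
        writeln("caught RangeError; openHandles = ", openHandles);
        writeln(openHandles == 0 ? "scope(exit) ran"
                                 : "scope(exit) skipped: resource left open");
    }
}
```

Build it once with `dmd example.d` and once with `dmd -release example.d` (or with ldc2/gdc) and compare the second line of output; a program that prints "skipped" in any configuration is the concrete form of the "invalid state" problem, which is why treating Errors as recoverable cannot be made safe by a flag that only changes the catch site.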
