Is the following well defined and allowed?

Timon Gehr timon.gehr at gmx.ch
Fri Mar 2 15:26:53 UTC 2018


On 02.03.2018 16:05, Steven Schveighoffer wrote:
> On 3/2/18 10:00 AM, Timon Gehr wrote:
>> On 02.03.2018 15:39, Steven Schveighoffer wrote:
>>>
>>>
>>>> In this interpretation, -noboundscheck switches DMD to a different 
>>>> dialect of D. In that dialect, out-of-bounds accesses (and 
>>>> overlapping copies, apparently) always have UB, in both @system and 
>>>> @safe code. That defeats the purpose of @safe. Which is why I don't 
>>>> really care for that dialect.
>>>
>>> I agree, I think we should remove the option to disable bounds checks 
>>> on @safe code, in any way. It's too dangerous. If you want 
>>> performance that comes without bounds checks, use a trusted escape, 
>>> or write system code.
>>
>> I.e., the -release flag should not remove assertions in @safe code, or 
>> at the very least it should not turn them into sources of UB.
> 
> -release flag already operates this way.

That's not what the spec says:

https://dlang.org/dmd-linux.html#switch-release

"Compile release version, which means not emitting run-time checks for 
contracts and asserts. Array bounds checking is not done for system and 
trusted functions, and assertion failures are undefined behaviour."

Note that this is the only way to stop checking assertions. There is no 
option to just ignore them.

> It's the -noboundscheck or -boundscheck=off that causes problems.
> 
> -Steve

At least the specification advises to use caution:

"off: Bounds checks are disabled completely (even in @safe code). This 
option should be used with caution and as a last resort to improve 
performance. Confirm turning off @safe bounds checks is worthwhile by 
benchmarking."
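
The switch behaviour quoted in this message, as an added example that is not part of the original post or of the D project's code: one out-of-bounds index is read through a @safe function, a @system function, and an explicit length check. The function names `readSafe`, `readSystem`, `tryRead` and `probe` are hypothetical, and the sample array is constructed.

```d
import core.exception : RangeError;
import std.stdio : writeln;

// @safe: per the text quoted above, only -boundscheck=off (or
// -noboundscheck) disables the bounds check on buf[i] in here.
@safe int readSafe(const(int)[] buf, size_t i) { return buf[i]; }

// @system: per the quoted -release text, bounds checking is not done
// for system and trusted functions in a release build.
@system int readSystem(const(int)[] buf, size_t i) { return buf[i]; }

// Explicit check in ordinary control flow: it is neither an assert nor
// a compiler-inserted bounds check, so no switch discussed here removes it.
@safe bool tryRead(const(int)[] buf, size_t i, out int value)
{
    if (i >= buf.length)
        return false;
    value = buf[i];
    return true;
}

// Calls f with an index and reports whether the compiled-in bounds
// check fired. The check lives in the callee, so it follows the
// attributes of the function being called.
void probe(string name, int function(const(int)[], size_t) f,
           const(int)[] buf, size_t i)
{
    try
    {
        f(buf, i);
        writeln(name, ": no RangeError, the read was unchecked");
    }
    catch (RangeError e)
    {
        writeln(name, ": RangeError, the bounds check fired");
    }
}

void main()
{
    int[] data = [10, 20, 30];   // constructed sample input
    size_t idx = data.length;    // one past the last valid index

    int v;
    writeln("tryRead in range:     ", tryRead(data, 1, v), " value=", v);
    writeln("tryRead out of range: ", tryRead(data, idx, v));

    probe("readSafe", &readSafe, data, idx);
    probe("readSystem", &readSystem, data, idx);
}
```

Build it three times, with no switches, with `-release`, and with `-release -boundscheck=off`, and compare which `probe` lines report a check; an unchecked out-of-bounds read is undefined behaviour, so run those builds only as a throwaway test.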

