std.xml validity checking is absurd
Jonathan M Davis
jmdavisProg at gmx.com
Fri Feb 8 11:06:39 PST 2013
On Friday, February 08, 2013 07:54:52 Andrei Alexandrescu wrote:
> On 2/8/13 6:25 AM, monarch_dodra wrote:
> > "in" and "out" contracts themselves are flawed in D in any case, given
> > they are part of the "called" code, as opposed to "caller" code.
>
> What would be the right design and implementation?

The way that it _should_ work but doesn't (and probably can't given D's
linking model) is to insert in and out contracts at the call site so that it's
the caller's compilation flags which decide whether the contracts are compiled
in or not. They're testing the _caller's_ code after all. But the way that
it's currently done, it's up to whoever released the library to decide whether
the contracts are compiled in or not. For instance, it would ideally be
possible for a program to be built with all of the debug stuff turned on
(including assertions) and link against Phobos and have all of the in and out
contracts on Phobos functions enabled (because the caller has assertions
enabled). Instead, you have to build Phobos with assertions turned on in order
to get them, even though you don't care about assertions which are internal to
Phobos and don't need any debugging anything enabled in Phobos beyond the in
and out contracts (since you're not debugging Phobos, just your code).

Unfortunately, while that's how it really _should_ work, AFAIK, there's no way
with D's linking model to make things work that way. You can link against
functions without any access to their bodies. Function pointers make it
trivial to use a function without the compiler knowing what function you're
using (meaning that it couldn't insert the contracts at the call point). Etc.
Etc. The contracts would have to be passed around with the functions in a
manner which made it so that the caller could always insert them if it's being
compiled with assertions enabled, and that just won't work.

So, yes. The implementation of D's contracts is flawed in the sense that it
doesn't work the way that it would ideally work, but I don't think that it's
actually possible to make it work the way that it would ideally work.
- Jonathan M Davis
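
The behaviour discussed in the message above, as an added example that is not part of the original post or of Phobos: the in and out contracts are compiled into the callee, so a call through a function pointer is still checked, and only the flags used to build the callee decide whether the checks exist. The function `percentOf` and its contract conditions are hypothetical.

```d
import std.stdio : writeln;
import core.exception : AssertError;

// Hypothetical library function. Its contracts are emitted as part of this
// function, in whatever compilation unit (and with whatever flags) builds it.
int percentOf(int part, int whole)
in
{
    assert(whole > 0, "whole must be positive");
    assert(part >= 0 && part <= whole, "part out of range");
}
out (result)
{
    assert(result >= 0 && result <= 100, "result out of range");
}
do
{
    return part * 100 / whole;
}

void main()
{
    // Direct call with valid arguments: passes with or without contracts.
    writeln("percentOf(1, 4) = ", percentOf(1, 4));

    // Indirect call: at this call site the compiler only sees a pointer,
    // so it has no way to know which contracts to insert here.
    int function(int, int) fp = &percentOf;

    try
    {
        // Caller bug: part > whole. Caught only if the callee was built
        // with contracts enabled (for dmd, without -release).
        auto r = fp(7, 4);
        writeln("no contract in callee, bad value accepted: ", r);
    }
    catch (AssertError e)
    {
        // Catching AssertError is for demonstration only.
        writeln("in contract fired inside callee: ", e.msg);
    }
}
```

Built with plain `dmd`, the second call reports the contract failure; built with `dmd -release`, the same source prints the unchecked result, which is the situation a program faces when it links against a release build of a library.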