On Thu, 10 Apr 2014 19:21:52 -0400, Andrei Alexandrescu
<seewebsiteforem...@erdani.org> wrote:
On 4/10/14, 10:56 AM, Steven Schveighoffer wrote:
@safe code can be marked as @trusted instead, and nothing changes,
except @trusted code can have bounds checks removed. How does this not
work as a solution?
Doesn't work because @trusted removes all additional checks by the
compiler. We do want to have @safe as mechanically verified.
I think you are missing something. This is code that is marked as @safe.
Then you change it to @trusted. It doesn't change that the code is @safe,
but now it's @trusted so the bounds checks can be removed temporarily.
The assertion is that -noboundscheck for @safe code is a temporary
condition to find possible optimizations. Then if this helps, you can find
a more permanent mechanism to fix the performance. A similar mechanism is
to use @trusted to allow bounds checks to go away temporarily, as a test.
Any function that is @safe can be instead marked as @trusted, and nothing
else changes.
As Walter often says about logical const, logical @safe is @safe by
convention, and it loses all of its teeth.
I think you are wrong here.
Victims with bleeding hearts around the world are feeling the effects of
logical safety.
If @safe is just a convention, then I don't see the point of having it at
all. If it can't be a guarantee, then it's pretty much another tech
buzzword with no teeth.
-Steve
