On Monday, 28 July 2014 at 13:31:50 UTC, Daniel Murphy wrote:
The compiler is allowed to not check assertions in release mode. This is because a program that would fail an assertion is a broken program, and by specifying -release you are telling the compiler to assume all assertions pass. I don't see any reason the compiler shouldn't be allowed to change code-gen based on asserts.

In that case I will write my own assert() that doesn't have this behaviour. Nobody who cares about program verification and correctness will touch this.

It means that you have to formally prove every single assert() to be correct. This is HARD. Hoare logic is _very_ difficult even for simple programs.

assert() is no guarantee for correctness, it is basically a break-point check. A sloppy request from the programmer to check some constraint that possibly could be overspecified, and that could silently pass. The optimizer might assume that "length<1024" etc and create all kinds of problems.

Assert() calls are useful debugging tools, but not a codegen feature. A good debugger could allow you to turn them on/off or let you continue after hitting one. That's useful.

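An added illustration of the point argued in the post above (not code from the thread, and written in C rather than D: C's -DNDEBUG compiles assert() out much as -release does, without D's extra optimizer assumption). The "own assert()" the poster proposes is modelled here as an ENSURE macro that stays a real branch in every build mode and reports failure to the caller; the buffer size, function names and the failure counter are assumptions made for this demo.

```c
#include <assert.h>
#include <stddef.h>
#include <string.h>

#define BUF_SIZE 1024  /* assumed destination size for the demo */

/* Assert-based guard. With -DNDEBUG (or D's -release) the check disappears,
 * and a compiler allowed to treat the assert as an assumption may also drop
 * later code it now considers unreachable. Once compiled out, this function
 * silently overflows dst for length >= BUF_SIZE. */
int copy_asserted(char *dst, const char *src, size_t length)
{
    assert(length < BUF_SIZE);
    memcpy(dst, src, length);
    return 0;
}

/* Always-on guard, the "own assert()" idea from the post: an ordinary branch
 * that survives every build mode. Failure is an error return, not undefined
 * behaviour, so the optimizer gains no licence to assume the condition. */
static int check_failures;  /* constructed counter: preconditions rejected so far */

#define ENSURE(cond)                                   \
    do {                                               \
        if (!(cond)) { check_failures++; return -1; }  \
    } while (0)

int copy_checked(char *dst, const char *src, size_t length)
{
    ENSURE(length < BUF_SIZE);
    memcpy(dst, src, length);
    return 0;
}

int failures_so_far(void)
{
    return check_failures;
}

/* Runs copy_checked with a constructed source and the given length:
 * returns 0 when the copy happened, -1 when the precondition rejected it. */
int demo_checked(size_t length)
{
    char dst[BUF_SIZE];
    char src[BUF_SIZE] = "hello";  /* constructed input, zero-filled beyond "hello" */
    return copy_checked(dst, src, length);
}

int main(void)
{
    int ok  = demo_checked(5);     /* in range: 0 */
    int bad = demo_checked(4096);  /* oversized: -1, memcpy never runs */
    return (ok == 0 && bad == -1) ? 0 : 1;
}
```

Build it once with and once without -DNDEBUG: demo_checked behaves identically in both, which is the property the post asks for, whereas copy_asserted loses its only bounds check in the NDEBUG build.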