www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.learn - Array operation doesn't check array bounds

reply simendsjo <simen.endsjo pandavre.com> writes:
	int[] a = [1,2,3];

	int[4] b;
	assert(b == [0,0,0,0]);
	b = a[] * 3; // oops... a[] * 3 takes element outside a's bounds
	assert(b[$-1] == 0); // fails.. last element is *(a.ptr+3) * 3
Apr 03 2011
next sibling parent reply Simon <s.d.hammett gmail.com> writes:
On 03/04/2011 12:10, simendsjo wrote:
 	int[] a = [1,2,3];

 	int[4] b;
 	assert(b == [0,0,0,0]);
 	b = a[] * 3; // oops... a[] * 3 takes element outside a's bounds
 	assert(b[$-1] == 0); // fails.. last element is *(a.ptr+3) * 3
From the D spec: "A program may not rely on array bounds checking happening" -- My enormous talent is exceeded only by my outrageous laziness. http://www.ssTk.co.uk
Apr 03 2011
next sibling parent reply simendsjo <simen.endsjo pandavre.com> writes:
On 03.04.2011 13:32, Simon wrote:
  From the D spec:

 "A program may not rely on array bounds checking happening"
Where in the spec are you finding this? Or are you talking in general, not just on array operations? D does bounds checking, so I don't see a reason why it shouldn't do it on array operations.
Apr 03 2011
parent Simon <s.d.hammett gmail.com> writes:
On 03/04/2011 12:39, simendsjo wrote:
 On 03.04.2011 13:32, Simon wrote:
 From the D spec:

 "A program may not rely on array bounds checking happening"
Where in the spec are you finding this? Or are you talking in general, not just on array operations? D does bounds checking, so I don't see a reason why it shouldn't do it on array operations.
http://digitalmars.com/d/2.0/arrays.html It's in the bit titled "Array Bounds Checking" -- My enormous talent is exceeded only by my outrageous laziness. http://www.ssTk.co.uk
Apr 03 2011
prev sibling parent reply bearophile <bearophileHUGS lycos.com> writes:
Simon:

 "A program may not rely on array bounds checking happening"
Yet DMD has to perform them to help programmers. I think this bug report is already in Bugzilla, but I'd like to be sure. Bye, bearophile
Apr 03 2011
parent reply Simon <s.d.hammett gmail.com> writes:
On 03/04/2011 12:46, bearophile wrote:
 Simon:

 "A program may not rely on array bounds checking happening"
Yet DMD has to perform them to help programmers.
No it doesn't. D is supposed to be systems programming language. Unnecessary bounds checking would make array access too slow. Mind you phobos should provide an array container which does that checking. -- My enormous talent is exceeded only by my outrageous laziness. http://www.ssTk.co.uk
Apr 03 2011
parent bearophile <bearophileHUGS lycos.com> writes:
Simon:

 No it doesn't. D is supposed to be systems programming language.
 Unnecessary bounds checking would make array access too slow.
D has already array bounds, even to access single items. Array operations are bulk, so they need only one bound test, then they perform many operations without tests. So the bound time is often amortized, unless your arrays are very small. Otherwise you disable the tests with -release or -noboundscheck. I am rather sure Walter agrees about this. Bye, bearophile
Apr 03 2011
prev sibling parent reply Jonathan M Davis <jmdavisProg gmx.com> writes:
On 2011-04-03 04:10, simendsjo wrote:
 	int[] a = [1,2,3];
 
 	int[4] b;
 	assert(b == [0,0,0,0]);
 	b = a[] * 3; // oops... a[] * 3 takes element outside a's bounds
 	assert(b[$-1] == 0); // fails.. last element is *(a.ptr+3) * 3
Array bounds checking is done on code which is not compiled with the - noboundscheck flag and which is either not built with -release or is safe. I assume that you're not compiling with -noboundscheck (which turns off all array bounds checking). So, you're likely compiling with -release on code which isn't safe. system is the default, so unless you've marked your code safe or you're not compiling with -release, I wouldn't expect there to be any bounds checking. If you want to guarantee that there's always bounds checking, then you need to mark your code safe and not use -noboundscheck. However, given how little of Phobos is currently safe or trusted, odds are that trying to mark your code safe will get _really_ annoying at this point. And to fix that, we'd likely need conditional safe and conditional trusted for the same reasons that we need conditional pure. And those haven't been taken care of yet (there isn't even an official plan to as far as I know - though hopefully there will be). - Jonathan M Davis
Apr 03 2011
parent Kai Meyer <kai unixlords.com> writes:
On 04/03/2011 05:06 PM, Jonathan M Davis wrote:
 On 2011-04-03 04:10, simendsjo wrote:
 	int[] a = [1,2,3];

 	int[4] b;
 	assert(b == [0,0,0,0]);
 	b = a[] * 3; // oops... a[] * 3 takes element outside a's bounds
 	assert(b[$-1] == 0); // fails.. last element is *(a.ptr+3) * 3
Array bounds checking is done on code which is not compiled with the - noboundscheck flag and which is either not built with -release or is safe. I assume that you're not compiling with -noboundscheck (which turns off all array bounds checking). So, you're likely compiling with -release on code which isn't safe. system is the default, so unless you've marked your code safe or you're not compiling with -release, I wouldn't expect there to be any bounds checking. If you want to guarantee that there's always bounds checking, then you need to mark your code safe and not use -noboundscheck. However, given how little of Phobos is currently safe or trusted, odds are that trying to mark your code safe will get _really_ annoying at this point. And to fix that, we'd likely need conditional safe and conditional trusted for the same reasons that we need conditional pure. And those haven't been taken care of yet (there isn't even an official plan to as far as I know - though hopefully there will be). - Jonathan M Davis
This is the really verbose answer to the question I thought you were asking as well. I think this problem is better expressed like this: import std.stdio; void main() { int[] a = [1,2,3]; int[4] b; int[4] c = [0,1,2,3]; int[5] d = [0,1,2,3,4]; assert(b == [0,0,0,0]); b = c[] * 3; // like foreach(val; c) b.append(val*3); writef("%s %s %s\n", a, b, c); b = a[] * 3; // No error writef("%s %s %s\n", a, b, c); b = a[]; // object.Exception: lengths don't match for array copy writef("%s %s %s\n", a, b, c); writef("%s\n", a[] * 3); // bounds.d(15): Error: Array operation a[] * 3 not implemented assert(b[$-1] == 0); } I think bearophile addressed this, but I can't quite tell. So now I'm curious, why does the multiply operation break the bounds check? Also, why does it fail to print? The result can be stored in another array, so I would think it would print.
Apr 04 2011