duncan.coutts at googlemail.com
Fri Dec 18 00:48:20 EST 2009
On Thu, 2009-12-17 at 18:03 +0000, Simon Peyton-Jones wrote:
> I'm puzzling over GHC.Arr.safeIndex
> It calls the overloaded method 'index' which does bound checks on the
> "semantic range", by checking that i is in the range (l,u). But then
> safeIndex does *another* range check, on the resulting index value.
> Shouldn't it be an invariant that if index (l,u) i returns at all, it
> returns an in-range value?
> I suppose we can't enforce that. But *by default* doing two range
> checks on every array access seems stupid.
So far we've been through three iterations of this thing :-)
The original version did one range check, the Ix one. Then people
complained that custom Ix instances were unsafe because they could index
outside the array.
The next iteration just checked the resulting index value. Then people
complained because you could index outside the Ix range (eg on 2-d
arrays) without any error being raised.
The current iteration now does both checks. Now people complain that
it's slow :-)
So the challenge is to satisfy all these requirements simultaneously.
More information about the Cvs-ghc