On Fri, Apr 25, 2014 at 12:31 AM, Scott L. Burson Scott@sympoiesis.com wrote:
On Thu, Apr 24, 2014 at 7:29 PM, Steve Haflich shaflich@gmail.com wrote:
Take for example aref, which might be used to extract octets of characters or whatever from a buffer. aref makes no guarantees even in safe code that it will signal bad array bounds.
I've long thought that was an oversight, though now that you point it out, I realize I must have been mistaken.
Still, it surprises me. I don't know of any implementation that doesn't bounds-check aref under normal speed/safety settings, and clearly, users expect them to do so.
I am surprised too. I always understood it like you, Scott, but now that I re-read the page on aref I see that it is exactly like Steve says: no mention of any exception and a statement that "subscripts" must be a list of valid array indices right from the start of the call to aref. Yet that leaves me even more curious to know which implementation has read the spec as strictly as Steve says it can be, even under (safety 3)? Does anyone know any?
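
Added example, not part of the original messages: if the bounds check on aref is left to the implementation, as the thread reads the spec, code that parses octets from an untrusted buffer can validate subscripts itself with the standard array-in-bounds-p. The names checked-aref, read-u16be and buffer-index-error are hypothetical, and the sample buffer is constructed.

```lisp
;;; Added example; CHECKED-AREF, READ-U16BE and BUFFER-INDEX-ERROR are
;;; hypothetical names, not taken from the thread or from any library.

(define-condition buffer-index-error (error)
  ((buffer :initarg :buffer :reader buffer-index-error-buffer)
   (subscripts :initarg :subscripts :reader buffer-index-error-subscripts))
  (:report (lambda (c stream)
             (format stream "Subscripts ~S out of bounds for dimensions ~S"
                     (buffer-index-error-subscripts c)
                     (array-dimensions (buffer-index-error-buffer c))))))

(defun checked-aref (array &rest subscripts)
  "AREF that validates SUBSCRIPTS explicitly, so the check does not
depend on how the implementation treats AREF under the current policy."
  (unless (and (= (length subscripts) (array-rank array))
               ;; ARRAY-IN-BOUNDS-P itself expects integer subscripts.
               (every #'integerp subscripts)
               (apply #'array-in-bounds-p array subscripts))
    (error 'buffer-index-error :buffer array :subscripts subscripts))
  (apply #'aref array subscripts))

(defun read-u16be (buffer offset)
  "Read a big-endian 16-bit value from an octet vector at OFFSET."
  (logior (ash (checked-aref buffer offset) 8)
          (checked-aref buffer (1+ offset))))

;; Constructed sample input: a 4-octet buffer.
(let ((buf (make-array 4 :element-type '(unsigned-byte 8)
                         :initial-contents '(#x12 #x34 #x56 #x78))))
  ;; In-bounds read of octets 2 and 3.
  (print (read-u16be buf 2))
  ;; Offset 3 needs octet 4, which does not exist: the explicit check
  ;; signals BUFFER-INDEX-ERROR instead of reading past the buffer.
  (print (handler-case (read-u16be buf 3)
           (buffer-index-error () :rejected)))
  ;; A negative offset is rejected the same way.
  (print (handler-case (read-u16be buf -1)
           (buffer-index-error () :rejected))))
```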