We want programs to be well-behaved, doing what we intend without misbehaving in the process. Unfortunately, mistakes are both inevitable and costly. An obvious cost is the productivity loss due to correcting found mistakes. The more significant cost may result from security and opportunity risks due to latent bugs.

Compile-time Safety

To help mitigate these costs, the Cone compiler can detect and prevent these safety violations:

Safety is the Programmer's Responsibility

At the end of the day, the compiler can only act as a valuable assistant, skilled at pointing out inconsistencies and obviously-violated constraints. It is up to the programmer to write code that protects against:

To help reduce the likelihood of experiencing the above problems, the experienced programmer can leverage helpful language features, such as: exception handling, namespace and mutation isolation, bounded iteration, private fields on types (to help protect invariants), polymorphism (when inheritance is unnecessary), finalizers, and move semantics.

Versatility vs. Safety

Although safety matters a lot, we don't want compiler-enforced safety features to negatively impact the productivity of the professional programmer. As much as possible, there should be a straightforward way for the programmer to write code that their judgement, experience and tests demonstrate is safe. Over the next few pages, let's explore several fine-grained controls the programmer can use to customize the language's built-in safety constraints.