[pjmlp]

Which only do bounds checking in debug builds, or when explicitly use the compiler switches to enable them in release builds, good luck trying to advocate for using at() everywhere instead of braces.

Before C++ got the STL, all collections libraries shipped with compilers used to have bounds checking enabled by default, apparently that is too much performance loss for the standard library.

Walter's proposal added bounds checking being used unless explicitly disabled, like in any sane systems language.

[WalterBright]

As experience has shown, bounds checking is needed in the release builds, because those array overflows are only discovered by hackers in the released software.

D compilers allow that to be turned off, but it's only appropriate when:

1. evaluating how much the checking costs in runtime performance

2. doing competitive benchmarking

Otherwise, it should always be on.

[pjmlp]

Exactly, as any sane systems programming language. :)

I always force enable bounds checking on C++ code, never had a performance issue where the real culprit wasn't something else, wrong algorithm or data structure for the problem at hand.

[kllrnohj]

Nobody has ever accused C++ of having good defaults. That is also unfortunately one of the hardest things possible to change without language-fragmentating mega breakages (see Python3)