safety model in D
Andrei Alexandrescu
SeeWebsiteForEmail at erdani.org
Wed Nov 4 20:21:14 PST 2009
Rainer Deyke wrote:
> Andrei Alexandrescu wrote:
>> Rainer Deyke wrote:
>>> '-safe' turns on runtime safety checks, which can be and should be
>>> mostly orthogonal to the module safety level.
>> Runtime vs. compile-time is immaterial.
>
> The price of compile-time checks is that you are restricted to a subset
> of the language, which may or may not allow you to do what you need to do.
>
> The price of runtime checks is runtime performance.
>
> Safety is always good. To me, the question is never if I want safety,
> but if I can afford it. If I can't afford to pay the price of runtime
> checks, I may still want the compile-time checks. If I can't afford to
> pay the price of compile-time checks, I may still want the runtime
> checks. Thus, to me, the concepts of runtime and compile-time checks
> are orthogonal.

I hear what you're saying, but I am not enthusiastic at all about
defining and advertising a half-pregnant state. Such a language is the
worst of all worlds - it's frustrating to code in yet gives no guarantee
to anyone. I don't see this going anywhere interesting. "Yeah, we have
safety, and we also have, you know, half safety - it's like only a lap
belt of sorts: inconvenient like crap and doesn't really help in an
accident." I wouldn't want to code in such a language.

> A module either passes the compile-time checks or it does not. It makes
> no sense to make the compile-time checks optional for some modules. If the
> module is written to pass the compile-time checks (i.e. uses the safe
> subset of the language), then the compile-time checks should always be
> performed for that module.

I think that's the current intention indeed.

Andrei