Safety, undefined behavior, @safe, @trusted
Leandro Lucarella
llucax at gmail.com
Thu Nov 5 17:00:53 PST 2009
Walter Bright, el 5 de noviembre a las 12:12 me escribiste:
> Steven Schveighoffer wrote:
> >If unsafe means you cannot pass pointers to local variables, then
> >half of tango (and other performance oriented libs which use stack
> >allocation as much as possible) will fail to compile.
> >
> >My vote is for unsafe as the default. It's the least intrusive
> >option, to ensure that current projects still compile. Then let
> >the project authors ensure their projects are safe one
> >module/function at a time.
>
> I agree. Also, dealing with safeness is something that comes later
> on as a project scales to a larger size. As such, it's more of a
> nuisance on a small program than a help.
>
> >Also keep in mind that @safe annotations for a mostly safe project
> >will be once at the top of each module. They won't be
> >"everywhere".
>
> Right. Adding:
>
> @safe:
>
> at the top will do it.
Being so easy to mark a whole file unsafe, I think safe as default is
a saner choice. It add an interesting property of Cardelli's definition:
no untrapped errors. People by default will be warned about any unsafe
behaviour, if you really want unsafe, just say so.
--
Leandro Lucarella (AKA luca) http://llucax.com.ar/
----------------------------------------------------------------------
GPG Key: 5F5A8D05 (F8CD F9A7 BF00 5431 4145 104C 949E BFB6 5F5A 8D05)
----------------------------------------------------------------------
<Damian_Des> Me anDa MaL eL CaPSLoCK
More information about the Digitalmars-d
mailing list