Concept proposal: Safely catching error

ag0aep6g via Digitalmars-d digitalmars-d at puremagic.com
Wed Jun 7 13:46:15 PDT 2017


On 06/07/2017 09:45 PM, ag0aep6g wrote:
> When no @trusted code is involved, then catching an out-of-bounds error 
> from a @safe function is safe. No additional rules are needed. Assuming 
> no compiler bugs, a @safe function simply cannot corrupt memory without 
> calling @trusted code.

Thinking a bit more about this, I'm not sure if it's entirely correct. 
Can a @safe language feature throw an Error *after* corrupting memory? 
For example, could `a[i] = n;` write the value first and do the bounds 
check afterwards? There's probably a better example, if this kind of 
"shoot first, ask questions later" style ever makes sense.

If bounds checking could be implemented like that, you wouldn't be able 
to ever catch the resulting error safely. Wouldn't matter if it comes 
from @safe or @trusted code. Purity wouldn't matter either, because an 
arbitrary write like that doesn't care about purity.
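The question above (does a bounds-checked store in @safe code write before or after it checks?) can be probed directly rather than reasoned about. The following is an added example, not code from the post or from the D project: a @safe store into a slice that is a window over a larger array, so that a "shoot first" implementation would land on memory the program still owns and can inspect. The names `store` and `checkPrecedesWrite` are the example's own.

```d
// Added example (not from the post): probe whether a failed bounds-checked
// write in @safe code touches memory before the RangeError is thrown.
import core.exception : RangeError;
import std.stdio : writeln;

/// A @safe write with a compiler-inserted bounds check; no @trusted code involved.
void store(int[] a, size_t i, int n) @safe
{
    a[i] = n;
}

/// Returns true if the out-of-bounds store threw and left the backing memory untouched.
bool checkPrecedesWrite()
{
    int[] backing = [10, 11, 12, 13, 14, 15, 16, 17];
    int[] window  = backing[0 .. 4];  // length 4, so index 5 is out of bounds for the window
    int[] snapshot = backing.dup;     // copy taken before the attempted write
    bool caught = false;

    try
    {
        // Would overwrite backing[5] if the write ran before the check.
        store(window, 5, 99);
    }
    catch (RangeError e)  // ArrayIndexError derives from RangeError, so both are caught
    {
        caught = true;
    }

    return caught && backing == snapshot;
}

void main()
{
    writeln(checkPrecedesWrite()
        ? "Error thrown and memory untouched: the check ran before the write"
        : "memory changed or no Error thrown: the write escaped the check");
}
```

Compile and run with a plain `dmd` invocation (no `-boundscheck=off`); bounds checks in @safe functions are kept even under `-release`, which uses `-boundscheck=safeonly`. The result reflects the particular compiler and version, which is exactly the point of the post: whether catching the Error is safe depends on the ordering the implementation chooses, not on anything the language spec promises.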

