Is @safe still a work-in-progress?
Walter Bright
newshound2 at digitalmars.com
Tue Aug 21 19:36:39 UTC 2018
On 8/21/2018 7:31 AM, Atila Neves wrote:
> The problem is that the code we write doesn't deal directly with pointers - see
> the recent confusion in this forum over where `scope` on the left applies to the
> `this` pointer or the one returned by the member function.
That's what I was saying :-)
The way to deal with this is make a copy of the code, then rewrite it so it does
the exact same thing, but with pointers and refs only. No member functions, no
delegates, no dynamic arrays. Then it is MUCH MUCH easier to see where the
annotations go.
> Kagamin just told me I needed to use `return` instead of `scope` to get things
> to work and I'm still not sure why.
>
> Also: destructors? Always `scope`? Sometimes? I just add `scope` when the
> compiler complains at this point.
>
> I think it's interesting that when I played with Rust I didn't have problems
> fighting the borrow checker at all. DIP1000 is supposed to have the same safety
> without the Rust complications but currently Rust is much easier to understand
> for me.
>
> It doesn't help that the current implementation of -dip1000 doesn't match the
> document it's supposedly based on.
All good points. But I cannot make any progress when nobody is willing to pull
my PRs that improve the situation.
https://github.com/dlang/dmd/pull/8504
BTW, the annotations do not break things. The worst that will happen is the
compiler will complain in @safe code that they are incorrect, and you'll need to
fix it or make it @trusted. The compiler is also pretty good about inferring the
correct annotations, at least for templates and lambdas, which helps enormously.
However, dip1000 not working with Phobos is a huge impediment to success, and so
pulling 8504 is critical.
More information about the Digitalmars-d
mailing list