Both safe and wrong?
Olivier FAURE
couteaubleu at gmail.com
Thu Feb 7 17:33:01 UTC 2019
On Thursday, 7 February 2019 at 01:04:44 UTC, Walter Bright wrote:
> I'm not seeing a problem with it.
Let me put this another way:
If you want to make sure only @safe code is ever run, you can
slap @safe on your main function, and the program will only
compile if every single other function is either @safe or
@trusted.
However, @system variable declarations aren't infectious so far
(and making them infectious would be a breaking change), which
means the following code:
import std.stdio;
immutable int x = 1;
int* y = cast(int*)&x;
void main() @safe
{
*y = 2;
writeln(x);
writeln(*(&x));
writeln(*y);
}
compiles even though main(), a @safe function, ends up doing
something unsafe (mutating a value declared as immutable).
One way to fix this would be to forbid using @system global
variables in @safe functions, but this would definitely be a
breaking change, unless global variable safety is determined by
the compiler by default (which is its own can of worms).
More information about the Digitalmars-d
mailing list