DIP 1028---Make @safe the Default---Community Review Round 1

Manu turkeyman at gmail.com
Thu Jan 9 02:01:39 UTC 2020

On Thu, Jan 9, 2020 at 10:49 AM H. S. Teoh via Digitalmars-d
<digitalmars-d at puremagic.com> wrote:
> On Thu, Jan 09, 2020 at 10:12:23AM +1000, Manu via Digitalmars-d wrote:
> [...]
> > unsafe blocks is distinctly preferable to me. Functions are usually >1
> > line, and I hate that we can only mark this at the function level.
> > Unsafely statements are never at the function level, it's usually just
> > one line among a larger function. An unsafe scope would be immensely
> > preferable to me, because I can make it as narrow as the code i'm
> > suspicious of, and the surrounding code doesn't lose its safe checking
> > just by being a bystander.
> There is this current idiom that essentially serves as a @trusted block:
>         auto myFunc() @safe {
>                 ... // mundane stuff
>                 () @trusted {
>                         // dangerous stuff goes here
>                 }();
>                 ... // more mundane stuff
>         }
> But it's quite the eyesore, I'll admit.
> OTOH, that may be its redeeming quality: it looks so ugly, and is so
> icky to write, that it discourages people from overusing it. You're
> inclined to do it only when you absolutely have to.

Lambdas are usually suggested, but it's a completely unacceptable hack.
 * additional function call overhead
 * influences the inliner heuristics unfavourably
 * may allocate a closure if you're not careful
 * additional callstack pollutes stack trace with redundant frames
with stupid names, which is particularly annoying while debugging!

This is a tired and unacceptable suggestion.

More information about the Digitalmars-d mailing list