Getting action on your favorite D issues

ag0aep6g anonymous at example.com
Sun Jun 7 15:01:10 UTC 2020


On Sunday, 7 June 2020 at 14:14:51 UTC, Steven Schveighoffer 
wrote:
> Consider an integer which represents the length of an array. 
> Instead of the full bit pattern of the integer being valid, 
> only the bit pattern that is less than or equal to the memory 
> size is valid. And this is not something that can be checked 
> even at runtime -- @trusted code must depend on the value being 
> correct. This is enforced for D's builtin arrays, but not for a 
> custom array type.
>
> And currently there's no way to convey that danger to the 
> compiler. Especially where unions and void initializations are 
> involved, there are ways to use @safe code to subvert @trusted 
> code, even for private variables. Even with careful 
> encapsulation, D has ways to get at the data.
>
> This is especially a problem with types which have a semantic 
> invariant between calls to their members.

For reference, there's a DIP being written to address this issue:

https://github.com/dlang/DIPs/pull/179

I know that you're already aware of it, Steven. But others might 
not be.
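
Added example (not part of the original message, the quoted post, or the DIP): a D sketch of the problem described in the quoted text. The `ShortString` type, the `Overlay` union and all member names are hypothetical. D's `private` is module-level, so the example deliberately uses only the two routes the quote names, void initialization and a union, which do not depend on access to the private fields.

```d
import std.stdio : writeln;

// Hypothetical custom array type; all names here are assumptions.
struct ShortString
{
    private ubyte length;    // invariant: length <= data.length
    private char[15] data;

    this(const(char)[] s) @safe
    {
        assert(s.length <= data.length, "too long");
        length = cast(ubyte) s.length;
        data[0 .. s.length] = s[];
    }

    // Skips the bounds check, so it is only memory-safe while the invariant holds.
    const(char)[] get() const @trusted
    {
        return data.ptr[0 .. length];
    }

    bool invariantHolds() const @safe
    {
        return length <= data.length;
    }
}

// No pointers overlap, so @safe code may access both members.
union Overlay
{
    ShortString s;
    ubyte[16] raw;
}

void main() @safe
{
    auto ok = ShortString("hi");
    writeln(ok.get());

    ShortString garbage = void;   // accepted in @safe: the type holds no pointers

    Overlay o;
    o.raw[0] = 200;               // overwrites s.length without naming a private field
    writeln(o.s.invariantHolds());
    // Calling o.s.get() here would slice 200 chars out of a 15-char buffer.
}
```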

