Discussion Thread: DIP 1035-- at system Variables--Community Review Round 1
jmh530
john.michael.hall at gmail.com
Wed Jun 17 14:30:45 UTC 2020
On Wednesday, 17 June 2020 at 06:14:25 UTC, Timon Gehr wrote:
> On 17.06.20 03:12, Andrei Alexandrescu wrote:
>> [snip]
>>
>> * And indeed the example with getPtr() illustrates an obvious
>> bug. Safe code has no business calling into @system code.
>
> Under current language rules, it's not @safe code. That's the
> problem. Variable initializers have no safety annotations.
It seems to me as if this is the most important point that has
been made so far.
There are two ways to interpret what Andrei is saying:
1) There is a bug with @safe that should be fixed. However, Timon
notes that this is not part of the definition of @safe and the
whole point of the DIP.
2) There is a bug in the program. In this case, he has argued
elsewhere that @safe-ty reviews should happen on a module basis.
That means the review would need to check variable initialization
to be sure they are not calling @system code. This is because the
compiler is not checking them for you. However, the whole point
of this DIP is so that the compiler would do those checks for you.
Regardless, it means that @safe is not currently safe.
More information about the Digitalmars-d
mailing list