Discussion Thread: DIP 1035--@system Variables--Community Review Round 2
schveiguy at gmail.com
Sat Feb 27 23:07:48 UTC 2021
On 2/27/21 4:13 PM, Paul Backus wrote:
> I understand from previous discussions that you have some less-rigorous
> ideas about what is "useful to programmers" and what is not, but I think
> this is an occasion where rigor is warranted.
This is going quite off topic, but I wanted to say this is absolutely
not the driver for my point of view. It is not a matter of rigor but a
matter of what are the expectations of what @safe should imply.
My point of view is that if the semantic meaning of a @safe union
between an int and a pointer currently is that the pointer isn't usable
even in @trusted code (even though the compiler doesn't prevent you from
doing it), then this is going to violate the expectations of the
programmer (why would he write a union, when you can only use one of the
We should not only focus in our concept of @safe in proving the memory
safety of the rules we come up with, but in coming up with rules that
make sense in the context of utility to the programmer. We can make up
whatever rules we want, and based on those rules, we can prove safety,
but if the result is "you can do this, but it NEVER is usable", I think
we can do better.