Allocator-aware @safe reference counting is still not possible
Paul Backus
snarwin at gmail.com
Mon Jan 30 18:19:35 UTC 2023
On Monday, 30 January 2023 at 17:51:52 UTC, Richard (Rikki)
Andrew Cattermole wrote:
> Effectively @safe means as much code is machine checked, but we
> want to isolate to library code the unsafe parts, where we
> ensure those guarantees for what we can by auditing instead.

Yes; I assumed that this went without saying. Even with language
features like an isolated qualifier to help us, it will still be
necessary for the data structures and allocators to use @trusted
code internally.

> So no I don't think we can have 1/2 without hiring some people,
> but we can get close enough to it with what resources we do
> have, just by telling people to not use something and push them
> instead to use things that do offer it as long as you don't do
> something outright stupid (which let's face it, they probably
> won't be using anything other than the default global
> allocator).

I am afraid that this description is far too vague for me to
understand what you have in mind here. Are you advocating for
(1)+(3), (2)+(3), or maybe some hybrid of both? Like, if you use
one of the Officially Blessed allocators, the container will be
@safe, and if you use a 3rd-party custom allocator, it'll be
@system?