Memory safe in D
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Mon Mar 18 21:20:39 UTC 2024
On 19/03/2024 1:31 AM, Nick Treleaven wrote:
> On Saturday, 16 March 2024 at 19:10:56 UTC, Don Allen wrote:
>> The compiler therefore forces you to handle the unusual case, so if it
>> happens, the result will be something under your control.
>
> You can call `unwrap` on the Option which will panic if it's None. But
> that's fine, because that call makes it clear to anyone reading the code
> that the programmer is intentionally assuming the Option contains a value.
>
> ...
>> Related to the above, you may also process an uninitialized value, at
>> which point anything can happen.
>
> It can't violate memory safety:
>
>> Void initializers for variables with a type that may contain unsafe
>> values (such as types with pointers) are not allowed in @safe code.
>
> https://dlang.org/spec/declaration.html#void_init
With type state analysis you should be allowed to write, but not read,
uninitialized variables.
So this restriction, that it isn't @safe to use them, is simply because
we don't have the ability to guarantee initialization before reading can
occur.
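As an added illustration (not code from the thread), the spec rule linked above as it plays out in @safe versus @system code, plus the write-before-read gap that type state analysis would close; the struct names and functions are made up for this example:

```d
// Added example: behaviour of `= void` initializers under @safe.
import std.stdio;

struct Plain  { int a; double b; }     // no pointers: void-init is permitted in @safe
struct HasPtr { int* p; size_t len; }  // contains a pointer: void-init is not @safe

@safe int writeThenRead()
{
    int n = void;   // OK in @safe: an int can never hold a dangling address
    n = 42;         // the write that type state analysis would require before any read
    return n;
}

@safe int readWithoutWrite()
{
    int n = void;
    return n;       // compiles today: a garbage value, but not a memory-safety violation.
                    // This read-before-write is what type state analysis would reject.
}

@safe void pointerVoidInitSafe()
{
    // HasPtr h = void;   // rejected by the compiler in @safe: h.p could be any address
    HasPtr h;             // default initialization instead: h.p is null, h.len is 0
    assert(h.p is null);
}

@system void pointerVoidInitSystem()
{
    HasPtr h = void;      // allowed in @system: the programmer takes responsibility
    h.p = null;           // ...and must initialize every field before reading it
    h.len = 0;
    assert(h.p is null);
}

void main()
{
    writeln(writeThenRead());   // 42
    pointerVoidInitSafe();
    pointerVoidInitSystem();
}
```

Uncommenting the `HasPtr h = void;` line inside the @safe function is what triggers the compile error the spec describes.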