D Article: Memory Safety
Dicebot via Digitalmars-d-announce
digitalmars-d-announce at puremagic.com
Thu Jan 21 05:52:57 PST 2016
On Thursday, 21 January 2016 at 13:42:13 UTC, Jakob Ovrum wrote:
> On Thursday, 21 January 2016 at 13:39:48 UTC, Dicebot wrote:
>> I'd suggest at the very least to add a comment before
>> "p.bar();" saying "Must not escape 'p' pointer or @safe-ty
>> will be compromised".
>
> I thought about this case, but it relies on UFCS which is
> controlled by the callee. The caller can't inject that call if
> the callee is careful with its imports.
>
> For member functions, the this reference is `ref` and its
> address cannot be taken in @safe code.

Reasonable, but the UFCS call can result from some other function
defined in the same module (Phobos modules are not small at all).
Even a small, unlikely violation can completely destroy the benefits of
@safe, so in my opinion one can't be overly cautious when
documenting stuff that requires verification.