safety model in D
Leandro Lucarella
llucax at gmail.com
Wed Nov 4 09:03:42 PST 2009
Andrei Alexandrescu, el 4 de noviembre a las 08:16 me escribiste:
> Michal Minich wrote:
> >Hello Michel,
> >
> >>module (system) name; // interface: unsafe impl.: unsafe
> >>module (safe) name; // interface: safe impl.: safe
> >
> >I thought that first (unsafe-unsafe) case is currently available just by:
> >
> >module name; // interface: unsafe impl.: unsafe
> >
> >separating modules to unsafe-unsafe and safe-safe has no
> >usefulness - as those modules could not interact, specifically you
> >need modules that are implemented by unsafe means, but provides
> >only safe interface, so I see it as:
> >
> >module name; // interface: unsafe impl.: unsafe
> >module (system) name; // interface: safe impl.: unsafe
> >module (safe) name; // interface: safe impl.: safe
> >
> >so you can call system modules (io, network...) from safe code.
I think safe should be the default, as it should be the most used flavor
in user code, right? What about:
module s; // interface: safe impl.: safe
module (trusted) t; // interface: safe impl.: unsafe
module (unsafe) u; // interface: unsafe impl.: unsafe
* s can import other safe or trusted modules (no unsafe for s).
* t can import any kind of module, but he guarantee not to corrupt your
memory if you use it (that's why s can import it).
* u can import any kind of modules and makes no guarantees (C bindings
use this).
> That's a pretty clean design. How would it interact with a -safe
> command-line flag?
I'll use safe by default. If you want to use broken stuff (everything
should be correctly marked as safe (default), trusted or unsafe) and let
it compile anyway, add a compiler flag -no-safe (or whatever).
But people should never use it, unless you are using some broken library
or you are to lazy to mark your modules correctly.
Is this too crazy?
--
Leandro Lucarella (AKA luca) http://llucax.com.ar/
----------------------------------------------------------------------
GPG Key: 5F5A8D05 (F8CD F9A7 BF00 5431 4145 104C 949E BFB6 5F5A 8D05)
----------------------------------------------------------------------
El discman vuelve locos a los controles, te lleva a cualquier lugar.
Ajústense pronto los cinturones, nos vamos a estrellar.
Evidentemente, no escuchaste el speech,
que dio la azafata, antes de despegar.
More information about the Digitalmars-d
mailing list