Safety, undefined behavior, @safe, @trusted

Andrei Alexandrescu SeeWebsiteForEmail at erdani.org
Thu Nov 5 13:24:31 PST 2009


Nick Sabalausky wrote:
> "Walter Bright" <newshound1 at digitalmars.com> wrote in message 
> news:hcv5p9$2jh1$1 at digitalmars.com...
>> Based on Andrei's and Cardelli's ideas, I propose that Safe D be defined 
>> as the subset of D that guarantees no undefined behavior. Implementation 
>> defined behavior (such as varying pointer sizes) is still allowed.
>>
>> Safety seems more and more to be a characteristic of a function, rather 
>> than a module or command line switch. To that end, I propose two new 
>> attributes:
>>
>> @safe
>> @trusted
>>
> 
> Sounds great! The lower-grained safeness makes a lot of sense, and I'm 
> thrilled at the idea of safe D finally encompassing more than just memory 
> safety - I'd been hoping to see that happen ever since I first heard that 
> "safeD" only meant memory-safe.

I can think of division by zero as an example. What others are out there?

Andrei


