Safety, undefined behavior, @safe, @trusted
Walter Bright
newshound1 at digitalmars.com
Sat Nov 7 10:22:09 PST 2009
Don wrote:
> In practice, the big disadvantage which D has is that it can make calls
> to C libraries which are not necessarily memory safe -- and this is an
> important feature of the language. Dealing with the external,
> uncheckable libraries is always going to be a weak point. Both Java and
> .net have mitigated this by rewriting a fair chunk of an OS in their
> libraries. That's probably never going to happen for D.
Java has the jni interface where one can execute arbitrary C code.
Obviously, that isn't memory safe, either.
Some of the standard C library functions are safe, some of them aren't.
We'll mark them appropriately in the std.c.* headers.
I expect there will be a lot of pressure for 3rd party D libraries to be
marked as safe, so I think this problem will sort itself out over time.
More information about the Digitalmars-d
mailing list