@safe status
Michel Fortin
michel.fortin at michelf.com
Mon Feb 8 14:54:21 PST 2010
On 2010-02-08 17:20:21 -0500, Andrei Alexandrescu
<SeeWebsiteForEmail at erdani.org> said:
> Michel Fortin wrote:
>> On 2010-02-08 16:21:31 -0500, bearophile <bearophileHUGS at lycos.com> said:
>>
>>> Michel Fortin:
>>>> But unsafe functions can give whatever pointer they want to a safe function,<
>>>
>>> Can pointers be used in safe modules/functions?
>>
>> Yes. And object references too. And arrays. All those are pointers of
>> some sort. You wouldn't go very far without them.
>
> Pointers undergo significantly less control than arrays and object references.
Yes. But an unsafe function can still give a bad pointer to a safe
function and have the safe function corrupt some memory.
The whole point is that you don't have a "safe pointer" type for giving
only safe pointers to safe functions: a safe function will accept any
pointer. The same should be true for delegates: an unsafe function
should be able to call any delegate you feed it with. But only unsafe
functions should be allowed to create an unsafe delegate in the first
place.
It could be achieved simply by abolishing the @safe qualifier for
variables of type delegate or function pointer and restricting @safe
code so that it can only get the address of another @safe function.
--
Michel Fortin
michel.fortin at michelf.com
http://michelf.com/
More information about the Digitalmars-d
mailing list