ref is unsafe
Thiez
thiezz at gmail.com
Wed Jan 2 15:33:15 PST 2013
On Wednesday, 2 January 2013 at 22:53:04 UTC, Jonathan M Davis
wrote:
> Then we're going to have to disagree, and I believe that Walter
> and Andrei are
> completely with me on this one. If all of the constructs that
> you use are
> @safe, then it should be _guaranteed_ that your program is
> memory-safe. That's
> what @safe is for. Yes, it can be gotten around if the
> programmer marks
> @system code as @trusted when it's not really memory-safe, but
> that's the
> programmer's problem. @safe is not doing it's job and is
> completely pointless
> if it has any holes in it beyond programmers mislabeling
> functions as @trusted.
> - Jonathan M Davis
Perhaps it is worth looking at Rust for this problem? They have
been looking pretty hard at the lifetimes of data/pointers and
perhaps they have a (possibly partial) solution that can be used
in the D compiler. It seems to me a ref in D has many things in
common with Rust's borrowed pointers.
More information about the Digitalmars-d
mailing list