Manu's `shared` vs the @trusted promise

ag0aep6g anonymous at example.com
Mon Oct 22 14:23:09 UTC 2018


On Monday, 22 October 2018 at 11:24:27 UTC, Dukc wrote:
> Frankly, this does not sound credible. According to this 
> rationale, array access should be @system too, because it 
> relies on the array not giving direct access to its length to 
> the user, which would also in itself be @safe.

Arrays are a language builtin. As far as I'm aware, there isn't 
actually an struct defined in DRuntime for arrays. But maybe I'm 
wrong. If there is, and if it uses a plain size_t for the length 
member, then it is breaking the strong @trusted promise, yes.

But having existing exceptions to the rule doesn't mean that the 
rule is void. We could identify the existing exceptions as bugs 
and try to fix them. Or we could say that they're a necessary 
evil, but we don't want to add more evil.

On the other hand, D could of course embrace a weaker 
@trusted/@safe. That would be up to Walter and Andrei, I guess. 
As far as I can tell from the other `shared` thread, Walter 
currently favors a strong @trusted.


More information about the Digitalmars-d mailing list