Manu's `shared` vs the @trusted promise
ag0aep6g
anonymous at example.com
Mon Oct 22 14:23:09 UTC 2018
On Monday, 22 October 2018 at 11:24:27 UTC, Dukc wrote:
> Frankly, this does not sound credible. According to this
> rationale, array access should be @system too, because it
> relies on the array not giving direct access to its length to
> the user, which would also in itself be @safe.
Arrays are a language builtin. As far as I'm aware, there isn't
actually an struct defined in DRuntime for arrays. But maybe I'm
wrong. If there is, and if it uses a plain size_t for the length
member, then it is breaking the strong @trusted promise, yes.
But having existing exceptions to the rule doesn't mean that the
rule is void. We could identify the existing exceptions as bugs
and try to fix them. Or we could say that they're a necessary
evil, but we don't want to add more evil.
On the other hand, D could of course embrace a weaker
@trusted/@safe. That would be up to Walter and Andrei, I guess.
As far as I can tell from the other `shared` thread, Walter
currently favors a strong @trusted.
More information about the Digitalmars-d
mailing list