Getting action on your favorite D issues
ag0aep6g
anonymous at example.com
Sun Jun 7 15:01:10 UTC 2020
On Sunday, 7 June 2020 at 14:14:51 UTC, Steven Schveighoffer
wrote:
> Consider an integer which represents the length of an array.
> Instead of the full bit pattern of the integer being valid,
> only the bit pattern that is less than or equal to the memory
> size is valid. And this is not something that can be checked
> even at runtime -- @trusted code must depend on the value being
> correct. This is enforced for D's builtin arrays, but not for a
> custom array type.
>
> And currently there's no way to convey that danger to the
> compiler. Especially where unions and void initializations are
> involved, there are ways to use @safe code to subvert @trusted
> code, even for private variables. Even with careful
> encapsulation, D has ways to get at the data.
>
> This is especially a problem with types which have a semantic
> invariant between calls to its members.
For reference, there's a DIP being written to address this issue:
https://github.com/dlang/DIPs/pull/179
I know that you're already aware of it, Steven. But others might
not be.