Discussion Thread: DIP 1028--Make @safe the Default--Final Review
Adam D. Ruppe
destructionator at gmail.com
Thu Mar 26 14:24:24 UTC 2020
On Thursday, 26 March 2020 at 14:12:24 UTC, Steven Schveighoffer
wrote:
> I still think this is the appropriate path. We cannot continue
> to ignore memory safety as a secondary concern just because C
> code is by-default unsafe. Memory unsafe HAS to be opt-in for
> any new modern language to succeed.
What frustrates me about these discussions is the facts that
slices always check bounds by default. The GC prevents
use-after-free bugs by default.
C doesn't do those. So assuming C's problems apply to D is
fallacious. Rust's complication is because they wanted to avoid
the runtime checks. But D's runtime checks are also a valid
solution.
I suspect 95+% of C's problems already are extremely rare in D,
yet the @safe advocates never seem to consider this at all.
More information about the Digitalmars-d
mailing list