D not considered memory safe

Jonathan M Davis newsgroup.d at jmdavisprog.com
Thu Jul 4 17:14:12 UTC 2024


On Thursday, July 4, 2024 10:11:56 AM MDT Lance Bachmeier via Digitalmars-d wrote:
> On Thursday, 4 July 2024 at 07:11:13 UTC, Sebastian Nibisz wrote:
> > An unsafe programming language is one that allows to write
> > unsafe code by default. If D is to be more safe, then @safe
> > should be the default and @unsafe optional.
>
> Safety isn't important to anyone that can't be troubled to write
> `-preview=dip1000`.

You can write @safe code quite easily as long as you're not doing stuff like
taking the address of the stack, and you can verify the safety of that
yourself and mark the code as @trusted so long as you're not doing anything
crazy with it.

Personally, I won't touch DIP 1000 with a ten foot pole, because it's way
too complicated. And using the GC for memory allocations makes it
unnecessary in general.

Either way, it's certainly not the case that @safe by default is required
for memory safety at all. It might make it easier, because you have to mark
less with @safe explicitly, but changing the default doesn't inherently make
programs more memory safe. It might help the marketing aspect of things, but
from a technical perspective, D is just as memory safe either way. And for
those who want the pain, -preview=dip1000 does provide additional checks.

- Jonathan M Davis
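
The @safe / @trusted split the post describes, as an added illustration that is not code from this thread or from the D project. It assumes a stock dmd or ldc2 compiler; the function names (sumSlice, cStringLength, escapeStack) and the ShowSafeError version identifier are made up for this example. Compile it with `dmd safe_example.d` (optionally `-preview=dip1000`), and add `-version=ShowSafeError` to see the compiler reject the stack-address escape:

```d
// Added example: @safe code, a @safe violation, and a @trusted wrapper.
// Not from the mailing-list post above; names are hypothetical.

import std.stdio : writeln;
import core.stdc.string : strlen;

// @safe: the compiler only accepts operations it can prove memory safe.
// Indexing a slice is bounds-checked, and the slice itself owns no raw pointer
// the function could misuse, so this passes without any annotations.
@safe int sumSlice(const(int)[] xs)
{
    int total = 0;
    foreach (x; xs)
        total += x;
    return total;
}

// Taking the address of a stack variable and letting it escape is exactly what
// @safe forbids. This block is only compiled with -version=ShowSafeError so the
// rest of the file still builds. Without -preview=dip1000 the compiler rejects
// `&local` outright in a @safe function; with dip1000 the address is accepted
// as a `scope` pointer, but returning it is still an error.
version (ShowSafeError)
{
    @safe int* escapeStack()
    {
        int local = 42;
        return &local;   // rejected by the compiler in @safe code
    }
}

// @trusted: the author verifies the memory safety by hand and vouches for it,
// so @safe callers may use it. strlen is a @system C function that reads until
// a NUL byte; the wrapper guarantees a NUL terminator exists before calling it,
// and the GC-allocated copy means no stack address is ever handed out.
@trusted size_t cStringLength(const(char)[] s)
{
    auto buf = new char[](s.length + 1);  // GC owns this; no lifetime tracking needed
    buf[0 .. s.length] = s[];
    buf[s.length] = '\0';
    return strlen(buf.ptr);
}

@safe void main()
{
    int[] data = [1, 2, 3, 4];   // GC-allocated array, usable freely in @safe code
    writeln(sumSlice(data));
    writeln(cStringLength("hello"));
}
```

The point of the wrapper is the one the post makes: the unsafe operation is confined to a small @trusted function whose interface cannot be misused by a @safe caller, and the reviewer's job is to check that the body really upholds that (here, that the buffer is always NUL-terminated and outlives the strlen call). Marking a function @trusted without that check is what "doing anything crazy with it" amounts to.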
