On Borrow Checking
Dukc
ajieskola at gmail.com
Tue May 6 20:12:18 UTC 2025
On Tuesday, 6 May 2025 at 14:48:27 UTC, jmh530 wrote:
>
> It might be helpful to example where Rust's version of some
> code let's you prove something is safe with the borrow checker,
> but D's version doesn't.
You're right. Have a look at my post earlier on this thread:
> On Tuesday, 29 April 2025 at 17:12:41 UTC, Walter Bright wrote:
>> So I implemented a borrow checker for D, and it is enabled by
>> adding the `@live` annotation for a function, which turns on
>> the borrow checker for that function. There are no syntax or
>> semantic changes to the language, other than laying on a
>> borrow checker.
>
> There's a difference.
>
> In Rust, as I understand it, if you have a function like
>
> ```Rust
> fn free(ptr: MyCustomPointer)
> { // ...
> }
> ```
>
> it is 100% safe to use. The compiler will not let you
> double-free or use after free, unless you use the `unsafe`
> block to do so.
>
> But you can't have
>
> ```D
> @trusted void free(MyCustomPointer ptr)
> { // ...
> }
> ```
>
> in D because it would be unsafe to use from a non-`@live`
> function.
>
> If we had a way to say that "this function can be called from
> `@safe`, if and only if it's usage is guarded with `@live`"
> then it would be equal to the Rust borrow checker.
More information about the Digitalmars-d
mailing list