On Borrow Checking
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Mon May 12 12:41:44 UTC 2025
On 13/05/2025 12:34 AM, Timon Gehr wrote:
> On 5/12/25 13:52, Richard (Rikki) Andrew Cattermole wrote:
>>
>> It has everything to do with @safe, that is where the mechanical
>> checks exist.
>>
>> You do not need the escape set (``scope``), if you do not have the
>> mechanical checks, and where you have an escape hatch (``@trusted``
>> and ``@system``), these are intentionally not turned on.
>
> Even in `@system` code you cannot assign an `int` to an `int*`, you have
> to use an explicit cast. I don't think it is true that just because
> `@system` does not give you memory safety guarantees it will therefore
> be expected that features do not work at all.
>
> This is a design decision, and I think Manu's and Walter's expectations
> are more reasonable than what the compiler actually does.
Right, perhaps if it was a different design, say unsafe blocks I'd agree
with what Manu is saying.
Unfortunately the current design has a valid set of tradeoffs.
And from experience you must have some sort of escape hatch, and that is
``@trusted`` and ``@system`` currently, enforcing ``scope`` there would
make it unusable.
More information about the Digitalmars-d
mailing list