Temporally safe by default
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Fri Apr 5 07:44:30 UTC 2024
On 05/04/2024 8:23 PM, Dom DiSc wrote:
> On Friday, 5 April 2024 at 07:16:47 UTC, Richard (Rikki) Andrew
> Cattermole wrote:
>> You have @tsafe the wrong way round to @safe.
>>
>> It would be a stronger guarantee of temporal safety + more basic
>> pointer safety.
>>
>> @system ⊇ @trusted ⊇ @safe ⊇ @tsafe
>>
>> The capability to have @safe without DIP1000, which is what we have now,
>> would exist in the compiler, and keeping a way to specify it means we can
>> interact with older code that is @safe.
>>
>
> So, you want something even stronger than @safe (requiring DIP1000
> compliance) to be the default?
> I mean, I would like it. But how do you see the chances this will happen
> if now we can't even agree to @safe by default?!?
Escape analysis is needed to perform temporal safety, so yes. It needs
to be in that order.

As far as @safe by default is concerned, if a DIP proposed it with the
revisions regarding requiring a body, I do expect it to be accepted,
although inference is the considered approach currently.

Thanks to the upcoming edition system, we can be a bit bold and consider
changing defaults :)