Temporally safe by default

Richard (Rikki) Andrew Cattermole richard at cattermole.co.nz
Fri Apr 5 07:44:30 UTC 2024


On 05/04/2024 8:23 PM, Dom DiSc wrote:
> On Friday, 5 April 2024 at 07:16:47 UTC, Richard (Rikki) Andrew 
> Cattermole wrote:
>> You have @tsafe the wrong way round to @safe.
>>
>> It would be a stronger guarantee of temporal safety + more basic 
>> pointer safety.
>>
>> @system ⊇ @trusted ⊇ @safe ⊇ @tsafe
>>
>> The capability to have @safe without DIP1000 (what we have now) would 
>> exist in the compiler, and keeping a way to specify it means we can 
>> interact with older code that is @safe.
>>
> 
> So, you want something even stronger than @safe (requiring DIP1000 
> compliance) to be the default?
> I mean, I would like it. But how do you see the chances this will happen 
> if now we can't even agree to @safe by default?!?

Escape analysis is needed to perform temporal safety, so yes. It needs 
to be in that order.

As far as @safe by default is concerned, if a DIP proposed it with the 
revisions regarding requiring a body, I do expect it to be accepted, 
although inference is the considered approach currently.

Thanks to the upcoming edition system, we can be a bit bold and consider 
changing defaults :)

