On Wednesday, January 02, 2013 23:21:55 Maxim Fomin wrote: > Again, I argue that D is a system language and there are many > possibilities to break @safity. Although fixing holes does make > sense in general, it does not make sense fixing obvious issues so > that plenty of code becomes uncompilable and @safity usage > becomes very annoying.
Then we're going to have to disagree, and I believe that Walter and Andrei are completely with me on this one. If all of the constructs that you use are @safe, then it should be _guaranteed_ that your program is memory-safe. That's what @safe is for. Yes, it can be gotten around if the programmer marks @system code as @trusted when it's not really memory-safe, but that's the programmer's problem. @safe is not doing it's job and is completely pointless if it has any holes in it beyond programmers mislabeling functions as @trusted. - Jonathan M Davis
