On Friday, 11 April 2014 at 13:44:09 UTC, Steven Schveighoffer
wrote:
On Fri, 11 Apr 2014 09:35:12 -0400, Tommi
<tommitiss...@hotmail.com> wrote:
On Friday, 11 April 2014 at 13:13:22 UTC, Steven Schveighoffer
wrote:
[..]
6. D @safe is labeled a "joke"
More likely:
6. This company's programming department is labeled a "joke".
Perhaps, but it doesn't change the idea that @safe code had
memory bugs. What we are saying with @safe is that you CAN'T
have memory bugs, no matter how incompetent your programmers
are.
You can't gurantee @safe to be memory-safe in the general case
without disallowing calls to @trusted, because those incompenent
programmers can write buggy @trusted functions and call them from
@safe code.
There should be a way to say, "I still want all the @safety
checks, except for this one critical array access, I have
manually guaranteed the bounds". We don't have anything like
that.
We have array.ptr[idx]
Not allowed in @safe code.
@trusted ref T unsafeIndex(T)(T[] array, ulong idx)
{
return array.ptr[idx];
}
There you go.