On Tuesday, 14 October 2014 at 01:47:10 UTC, Brad Roberts via Digitalmars-d wrote:
On 10/13/2014 1:28 PM, monarch_dodra via Digitalmars-d wrote:
On Monday, 13 October 2014 at 17:16:40 UTC, Brad Roberts via Digitalmars-d wrote:
On 10/13/2014 7:47 AM, Andrei Alexandrescu via Digitalmars-d wrote:
On 10/12/14, 5:41 PM, Brad Roberts via Digitalmars-d wrote:
I know it's a tricky implementation, but let's focus on the goal.. should Array be usable in @safe code?

Yes. In order for that to be 100% automatically checkable, we need the rules restricting escape of addresses of returns by reference. -- Andrei

100% checkable isn't required right now. For it to be used in an @safe context all that's needed is liberal use of @trusted. That can be refined over time to a more checked version. We shouldn't wait for checkability.

Will one of you experts in the impl of Array volunteer to make the appropriate changes?

The issue is that it's *not* safe though. You can escape the reference, destroy it, and end up with a dangling pointer. Arbitrarily marking things as trusted seriously undermines what safe means. @trusted should be used with extreme caution.

That's why I asked the question I did. The core question isn't about what the current implementation is or does but about where it should end up. Should Array be usable in @safe code. So far:

Jakob: focused on impl
Andrei: yes
Monarch: focused on impl

I totally agree that @trusted must be used with lots of caution. But my point in that post was that impl isn't the issue and requiring that everything be fixed and perfect also isn't the issue. If we don't know and understand where we want to be, the chances of accidentally landing there are rather low.

More and more code is being created in Phobos all the time, and its use in @safe code is largely an afterthought. Please don't derail this thread and talk about process.. keep this thread focused on Array.

Thanks,
Brad

You say I'm focused on impl, but @safe *is* an implementation certification.

I'm not derailing the thread or talking about process. If Array can't be certified memory safe, then it can't be marked as @safe. That's really all there is to it.
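
The failure mode raised in the thread (escape a reference, destroy the storage, end up with a dangling pointer), shown as an added example that is not code from any poster or from Phobos. `Buf` is a hypothetical malloc-backed container standing in for a container like Array, and `poke` is a hypothetical caller; the point is that the compiler accepts the `@safe` code because it takes the `@trusted` members at their word.

```d
import core.stdc.stdlib : free, malloc;

// Hypothetical stand-in for a malloc-backed container; not std.container.Array.
struct Buf
{
    private int* ptr;
    private size_t len;

    @disable this(this); // no copies, so there is a single owner

    this(size_t n) @trusted
    {
        ptr = cast(int*) malloc(n * int.sizeof);
        if (ptr is null) assert(0, "out of memory");
        len = n;
        ptr[0 .. n] = 0;
    }

    // @trusted promises callers this is memory safe. The bounds check is real,
    // but the returned reference can outlive the allocation.
    ref int opIndex(size_t i) @trusted
    {
        assert(i < len);
        return ptr[i];
    }

    // Frees the storage; any reference handed out earlier now dangles.
    void clear() @trusted
    {
        free(ptr);
        ptr = null;
        len = 0;
    }

    ~this() @trusted { free(ptr); }
}

// Fully @safe and accepted by the compiler, yet it writes to freed memory.
void poke(ref int slot, ref Buf owner) @safe
{
    owner.clear();
    slot = 42; // use after free
}

void main() @safe
{
    auto b = Buf(4);
    poke(b[0], b);
}
```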
