On 7/18/2016 5:06 AM, Kagamin wrote:
> On Saturday, 16 July 2016 at 21:52:02 UTC, Walter Bright wrote:
>> I've seen SAL before, but have not studied it. My impression is it is much
>> more complex than necessary. For example,
>> https://msdn.microsoft.com/en-us/library/hh916383.aspx
>> describes annotations to memcpy(). I believe these are better handled by use
>> of dynamic arrays and transitive const.
>
> I suppose in case of memcpy the compiler can catch (at the caller side) the case
> when the destination buffer has insufficient size, while D can catch it only at
> runtime. It's a contract expressed with a simple grammar.

Determining array bounds is the halting problem in the general case, and SAL
doesn't solve that.
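
An added example, not part of the original message or of D or SAL: a C sketch of the run-time check this exchange is about, where the length travels with the pointer instead of being declared in an annotation. `slice_t`, `slice_copy`, `slice_range` and `copy_payload` are hypothetical names, the struct only stands in for a D dynamic array, and the sample records are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a D dynamic array: pointer and length together. */
typedef struct { unsigned char *ptr; size_t len; } slice_t;

/* Copy src into the front of dst. The contract dst.len >= src.len is checked
   here at run time, rather than stated on raw pointers with an annotation
   such as SAL's _Out_writes_bytes_all_(count). Returns -1 if dst is too small. */
int slice_copy(slice_t dst, slice_t src)
{
    if (src.len > dst.len)
        return -1;                      /* would overflow dst: refuse */
    memcpy(dst.ptr, src.ptr, src.len);
    return 0;
}

/* Range-checked sub-slice, in the spirit of D's a[lo .. hi].
   Returns a slice with ptr == NULL when the range is out of bounds. */
slice_t slice_range(slice_t s, size_t lo, size_t hi)
{
    slice_t out = { NULL, 0 };
    if (lo <= hi && hi <= s.len) { out.ptr = s.ptr + lo; out.len = hi - lo; }
    return out;
}

/* Assumed record layout: first byte is the payload length. That length is
   only known once the data arrives, so whether dst is large enough cannot
   be settled at compile time for this call.
   Returns 0 on success, -1 if dst is too small, -2 if the record is malformed. */
int copy_payload(slice_t dst, slice_t record)
{
    if (record.len < 1) return -2;
    size_t n = record.ptr[0];
    slice_t payload = slice_range(record, 1, 1 + n);
    if (payload.ptr == NULL) return -2; /* length byte exceeds the record */
    return slice_copy(dst, payload);
}

int main(void)
{
    unsigned char ok[]  = { 3, 'a', 'b', 'c' };          /* constructed */
    unsigned char big[] = { 8, 1, 2, 3, 4, 5, 6, 7, 8 }; /* constructed */
    unsigned char buf[4] = { 0 };
    slice_t dst = { buf, sizeof buf };
    printf("fits: %d\n", copy_payload(dst, (slice_t){ ok, sizeof ok }));
    printf("too big: %d\n", copy_payload(dst, (slice_t){ big, sizeof big }));
    return 0;
}
```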