On Thursday, 27 July 2017 at 14:45:03 UTC, Steven Schveighoffer wrote:
> On 7/27/17 10:20 AM, Moritz Maxeiner wrote:
>> On Thursday, 27 July 2017 at 13:56:00 UTC, Steven Schveighoffer wrote:
>>> I'm fine with saying libraries or platforms that do not
>>> segfault when accessing zero page are incompatible with @safe
>>> code.
>>
>> So we can't have @safe in shared libraries on Linux? Because
>> there's no way for the shared lib author to know what programs
>> using it are going to do.
>
> You can't guarantee @safe on such processes or systems. It has
> to be assumed by the compiler that your provided code doesn't
> happen.
>
> It's not that we can't have @safe because of what someone might
> do, it's that @safe guarantees can only work if you don't do
> such things.

Which essentially means that any library written in @safe D
exposing a C API needs to write in big fat red letters "Don't do
this or you break our safety guarantees".

> It is nice to be aware of these possibilities, since they could
> be an effective attack on D @safe code.

Well, yeah, that's the consequence of @safe correctness depending
on UB always resulting in a crash.
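
As an added example (not part of the original thread, and not D runtime or library code): a C-side check that a library's init routine could run on Linux to test the assumption the posts rely on, namely that address 0 is unmapped so a null dereference faults. All function names, including `mylib_init_check`, are hypothetical.

```c
#include <stdio.h>

/* Does one line in /proc/<pid>/maps format ("start-end perms ...", hex)
 * describe a mapping that contains addr?
 * Returns 1 = yes, 0 = no, -1 = line could not be parsed. */
int maps_line_covers(const char *line, unsigned long addr)
{
    unsigned long start, end;
    if (sscanf(line, "%lx-%lx", &start, &end) != 2 || start >= end)
        return -1;
    return start <= addr && addr < end;
}

/* Scan a maps file for a mapping that contains address 0.
 * Returns 1 = zero page is mapped, 0 = not mapped,
 * -1 = cannot tell (unreadable file or unparsable line): fail closed. */
int zero_page_mapped(const char *maps_path)
{
    char line[4352];            /* room for PATH_MAX plus the fixed fields */
    int found = 0;
    FILE *f = fopen(maps_path, "r");
    if (!f)
        return -1;
    /* Stop at the first hit or the first parse error. */
    while (found == 0 && fgets(line, sizeof line, f))
        found = maps_line_covers(line, 0);
    fclose(f);
    return found;
}

/* Hypothetical init hook for a library exposing a C API: refuse to start
 * unless a null dereference in this process is known to fault. */
int mylib_init_check(void)
{
    return zero_page_mapped("/proc/self/maps") == 0 ? 0 : -1;
}

int main(void)
{
    int r = zero_page_mapped("/proc/self/maps");
    puts(r == 0 ? "zero page unmapped: null dereference faults"
       : r == 1 ? "zero page MAPPED: null dereference will not fault"
                : "cannot determine mapping state");
    return r == 0 ? 0 : 1;
}
```

The check is point-in-time: it cannot rule out the host mapping the page after the call, so it narrows the assumption rather than restoring the @safe guarantee. On Linux the `vm.mmap_min_addr` sysctl, when non-zero, stops unprivileged processes from creating such a mapping at all.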