On 2011-02-23 12:01:15 -0500, Andrei Alexandrescu
<seewebsiteforem...@erdani.org> said:
Because a pure unsafe function is useless.
I disagree. Suppose you have a function which is conceptually pure but
requires a temporary 100 Mb matrix of doubles. Wouldn't it make sense
to use malloc/free for this temporary storage instead of using the GC
and risking the block never being collected because of a false pointer
somewhere?
Should a function be prevented from being pure just because the
programmer decided to use some tricks the compiler can't guaranty the
safety of? There might be legitimate reasons for those tricks like
optimization, solving GC memory problems, using special hardware for
some calculation, etc.
@safe has an escape route (@trusted) for when you need to perform these
things. If pure makes a function @safe by default, we need to have an
escape route for it too ("@trusted pure" perhaps?). My only fear is
that pure implying @safe needlessly complicates the attribute system.
--
Michel Fortin
michel.for...@michelf.com
http://michelf.com/
