On 6/21/14 4:05 PM, Cameron Zwarich wrote:
> Another big problem with implicit copy constructors is that they make it
> very difficult to write correct unsafe code. When each use of a variable
> can call arbitrary code, each use of a variable can trigger unwinding.
> You then basically require people to write the equivalent of
> exception-safe C++ in unsafe code to preserve memory safety guarantees,
> and it’s notoriously difficult to do that.

Yes, I kind of wonder whether it is better to do something more targeted to Rc (for example, making copy constructors always unsafe—they are for Rc anyhow—and saying that unwinding is UB, or adopting something more like Obj-C/Swift ARC than C++ copy constructors or D postblit). C++ has sometimes gotten into trouble offering large sweeping "metafeatures" (e.g. ADL, SFINAE) when small targeted features could suffice.

But honestly, I'm pretty happy with the status quo, especially for 1.0. Not to imply that Servo is the only use case that matters, of course, but when it comes to RC, the status quo isn't hurting Servo in my experience (and, in fact, the explicit clones are quite important for layout); if anything, what hurts Servo is integration with the JavaScript *GC*, and fluent integration with an external garbage collector in a systems language is an unsolved research problem as far as I'm concerned.

Patrick

_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev
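
The unwinding concern raised in this thread, as an added example in present-day Rust that is not part of the original messages: with explicit `clone()` the one call that can unwind inside the unsafe fill is visible, so the code can keep the vector's length consistent around it. `Tracked`, `fill_unwind_safe` and `run_demo` are hypothetical names constructed for this illustration.

```rust
use std::panic::{self, AssertUnwindSafe};
use std::sync::atomic::{AtomicUsize, Ordering::SeqCst};

static CLONES: AtomicUsize = AtomicUsize::new(0);
static DROPS: AtomicUsize = AtomicUsize::new(0);

// Constructed type: clone() panics on its third call, standing in for the
// "arbitrary code" a copy can run. The Box makes dropping an uninitialised
// slot a real memory-safety bug rather than a no-op.
struct Tracked(Box<u32>);

impl Clone for Tracked {
    fn clone(&self) -> Tracked {
        if CLONES.fetch_add(1, SeqCst) == 2 { panic!("clone failed"); }
        Tracked(self.0.clone())
    }
}

impl Drop for Tracked {
    fn drop(&mut self) { DROPS.fetch_add(1, SeqCst); }
}

// Fills a Vec through raw writes. Calling set_len(n) once before the loop
// would be the hazard: a panic in clone() would make Vec's destructor drop
// slots that were never written. Here the length grows only after each write.
fn fill_unwind_safe<T: Clone>(src: &T, n: usize) -> Vec<T> {
    let mut v: Vec<T> = Vec::with_capacity(n);
    for i in 0..n {
        let item = src.clone(); // explicit call: the only point that can unwind
        unsafe {
            std::ptr::write(v.as_mut_ptr().add(i), item);
            v.set_len(i + 1);
        }
    }
    v
}

// Returns (fill panicked?, values dropped during unwinding).
fn run_demo() -> (bool, usize) {
    CLONES.store(0, SeqCst);
    DROPS.store(0, SeqCst);
    let src = Tracked(Box::new(7));
    let result = panic::catch_unwind(AssertUnwindSafe(|| fill_unwind_safe(&src, 5)));
    (result.is_err(), DROPS.load(SeqCst))
}

fn main() {
    println!("{:?}", run_demo());
}
```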
