On Tuesday, 15 November 2022 at 06:44:16 UTC, Ali Çehreli wrote:
In summary, you are right but the compiler cannot do anything about it in all cases and we wouldn't want it to spend infinite amount of time to try to determine everything.
Well, there's another way to look at it: https://doc.rust-lang.org/book/ch19-01-unsafe-rust.html ('Unsafe Rust exists because, by nature, static analysis is conservative. When the compiler tries to determine whether or not code upholds the guarantees, it’s better for it to reject some valid programs than to accept some invalid programs. Although the code might be okay, **if the Rust compiler doesn’t have enough information to be confident, it will reject the code**. In these cases, you can use unsafe code to tell the compiler, “Trust me, I know what I’m doing.”')
Are you saying that the D safety model is different? In the sense that if the D compiler doesn’t have enough information to be confident, it will accept the code?
