On Friday, 27 February 2015 at 21:09:51 UTC, H. S. Teoh wrote:
No, what I meant was that in an "assume safe unless proven otherwise" system, there's bound to be holes because the combinatorial explosion of feature combinations makes it almost certain there's *some* unsafe combination we haven't thought of yet that the compiler currently accepts. And it may be a long time before we discover this flaw.

To get back to the original problem, there are various instances of:
- A is safe and useful in safe code, let's not make it unsafe!
- B is safe and useful in safe code, let's not make it unsafe!
Yet A and B may be unsafe when used together, so one of them should be made unsafe. You end up in the same situation as the one exposed in the first post.