On 03/07/2018 03:01 PM, Paolo Invernizzi wrote:
On Wednesday, 7 March 2018 at 13:32:37 UTC, ag0aep6g wrote:
[...]
I don't think anyone is asking for that. The request is for no UB in @safe code.

Are we asking to statically check things like:

Assign Expressions [1]
Undefined Behavior:
  if the lvalue and rvalue have partially overlapping storage
  if the lvalue and rvalue's storage overlaps exactly but the types are different

If it can't be guaranteed that some code has defined behavior, then it's not allowed in an @safe function (or it should not be allowed). We are not asking for all valid code to be @safe.

Guaranteeing no UB is exactly @safe's purpose. The spec says: "Safe functions are functions that are statically checked to exhibit no possibility of undefined behavior." [1]

Is that doable, in practice?

If you think that's not doable, what do you think @safe should aim for?


[1] https://dlang.org/spec/function.html#function-safety
