Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
make Debug and ReleaseSafe modes fully safe #2301
It's always going to be possible to do unsafe things in Zig, because we have inline assembly,
But what if we could eliminate everything else? What if, after enumerating all kinds of undefined behavior (See #1966), we could make all of them safety-checked, with only some obvious exceptions such as inline assembly?
This might turn out to be impossible or impractical, but it's worth investigating.
If we could reduce the unchecked undefined behavior surface to a minimum level, there could be auditing/linting tools to point out where unsafety lies in zig software. It would be possible to say something like, "Debug and ReleaseSafe builds of Zig code are safe (in that they crash rather than have undefined behavior), except for inline assembly and extern function ABI mismatch", or some short list of exceptions.
If the cost of these protections is high, that's what we have
It would be reasonable for these protections to depend on OS-specific behavior, and to be unavailable on some targets, such as freestanding.
Interestingly, this may be related to #130. One current area of unsafety is when you use struct embedding and