Re: Using views for row-level access control is leaky - Mailing list pgsql-hackers

From Richard Huxton
Subject Re: Using views for row-level access control is leaky
Date
Msg-id 4AE19C67.8060806@archonet.com
In response to Re: Using views for row-level access control is leaky  (Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>)
List pgsql-hackers
Heikki Linnakangas wrote:
> The most useful "automatic" annotation I can see is to treat functions
> implementing B-tree operators as safe. I *think* that's safe, anyway.

Index lookups and single-type comparisons were the only things I could
come up with as safe. Unless there is some way to generate an error from
geometric ops (overflow or some such).

Anything involving a type-cast can obviously be finessed. If you allow
arithmetic then you could trigger an overflow or divide-by-zero error.

Hmm - you can probably do something evil with non-UTF8 characters if you
allow string operations. Would string comparisons be safe (because a
literal would be caught before the view gets evaluated)?

--  Richard Huxton Archonet Ltd
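
The concern raised in this message, shown as an added example that is not part of the original post and is not PostgreSQL code: a toy executor in which a predicate trusted as "safe" is evaluated before the view's row filter, so an error from arithmetic reveals a row the view hides, while a single-type comparison cannot. The table, function names and the `predicate_is_safe` flag are assumptions made for illustration.

```python
# Toy model (constructed): a "view" is a row filter, and the executor may
# evaluate a caller-supplied predicate before or after that filter.

ROWS = [  # constructed sample table
    {"owner": "alice", "salary": 40000},
    {"owner": "bob", "salary": 50000},  # hidden from alice by the view
]


def view_filter(row, user):
    """Row-level access rule: a user sees only their own rows."""
    return row["owner"] == user


def scan(rows, user, predicate, predicate_is_safe):
    """Return rows visible through the view that satisfy predicate.

    A predicate trusted as safe is pushed below the view filter and runs on
    every row; an untrusted one runs only on rows the filter already passed.
    """
    out = []
    for row in rows:
        if predicate_is_safe:
            if predicate(row) and view_filter(row, user):
                out.append(row)
        elif view_filter(row, user) and predicate(row):
            out.append(row)
    return out


def arithmetic_pred(row):
    # Raises ZeroDivisionError exactly when a row has salary == 50000.
    return 1 / (row["salary"] - 50000) < 0


def comparison_pred(row):
    # Single-type integer comparison: defined for every input, never raises.
    return row["salary"] < 45000


def leaks_by_error(rows, user, predicate, predicate_is_safe):
    """True if the query fails because of a row the user may not see."""
    try:
        scan(rows, user, predicate, predicate_is_safe)
        return False
    except ZeroDivisionError:
        return True
```

Treating only predicates that cannot raise as safe keeps the pushed-down and barrier orderings indistinguishable to the caller, which is the property the "automatic" annotation would need to guarantee.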

