Why hide a trusted function as safe?
Adam D. Ruppe via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Sun Jul 26 05:24:33 PDT 2015
On Sunday, 26 July 2015 at 11:38:31 UTC, simendsjo wrote:
> Is there a reason why you would hide the fact that a function
> is trusted rather than safe? Technically it doesn't matter,
> right? To me, it seems like this would give wrong assumptions
> to the caller.
The Phobos idiom you've seen there is to have little trusted
blocks inside an otherwise safe function. (That specific example
seems unnecessary since there's no other code around it, but
often the @trusted part is just a small bit of the whole
function.)
The idea is to get the @safe checks for everywhere you can, then
use the @trusted delegate to escape from that for just a couple
lines so you manually check that part while having more
confidence in the rest of the function.
If the whole function is marked @trusted, the compiler doesn't
try to check it at all - it just takes your word for it.
There was a bit of argument about this a while ago in bugzilla,
not everyone agrees it is a good idea. I don't remember where
though.
More information about the Digitalmars-d-learn
mailing list