Why hide a trusted function as safe?
Joseph Rushton Wakeling via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Sun Jul 26 05:28:35 PDT 2015
On 26/07/15 14:24, Adam D. Ruppe via Digitalmars-d-learn wrote:
> If the whole function is marked @trusted, the compiler doesn't try to check it
> at all - it just takes your word for it.
>
> There was a bit of argument about this a while ago in bugzilla, not everyone
> agrees it is a good idea. I don't remember where though.
If I recall right, the argument wasn't over the principle of trying to isolate
the @trusted bits, but that @trusted was being used only to wrap up the
particular function call that was technically triggering @system stuff, rather
than the entirety of what actually needed to be trusted.
I can't remember a good example off the top of my head, but no doubt the stuff
is there in the bugzilla reports ;-)
More information about the Digitalmars-d-learn
mailing list