Help, what is the code mean?

Jonathan M Davis newsgroup.d at
Tue Apr 28 19:24:29 UTC 2020

On Monday, April 27, 2020 9:52:32 AM MDT drug via Digitalmars-d-learn wrote:
> 27.04.2020 18:28, data pulverizer пишет:
> > I'm probably not the first person to say this but. Isn't @trusted an odd
> > label to give unsafe functions and open to abuse by unscrupulous
> > programmers? It almost says "nothing to see, this here piece of code is
> > a-ok". Shouldn't it be explicitly labelled as @unsafe?
> It says "this piece of code is verified by its author manually so you
> (the compiler) can trust it is @safe"

Exactly. @trusted isn't about marking something as not being memory safe.
The compiler already treats anything as not being memory safe if it can't
verify that it's memory safe. It's about the programmer telling the compiler
that they've verified that it's memory safe even though the compiler
couldn't. The code that neither the programmer nor the compiler has verified
to be memory safe is @system. So, if we had the attribute @unsafe, it would
have been instead of @system, not @trusted.

And ultimately, @trusted is not about telling anyone that there's "nothing
to see." If anything, it's the opposite. @trusted code is the primary place
that has to be examined when you have a memory bug in your code (or think
that you have one). Barring bugs in the compiler, it should not be possible
for @safe code to do anything that's memory unsafe, so when looking for
memory safety bugs, it's the @trusted code that has to be examined to make
sure that it actually is memory safe and that the programmer didn't use
@trusted correctly.

- Jonathan M Davis

More information about the Digitalmars-d-learn mailing list