Determining @trusted-status

Johannes Loher johannes.loher at fg4f.de
Fri May 29 04:13:19 UTC 2020


On Friday, 29 May 2020 at 00:09:56 UTC, Clarice wrote:
> It seems that @safe will be de jure, whether by the current 
> state of DIP1028 or otherwise. However, I'm unsure how to 
> responsibly determine whether an FFI may be @trusted: the type 
> signature and the body. Should I run, for example, a C library 
> through valgrind to observe any memory leaks/corruption? Is it 
> enough to trust the authors of a library (e.g. SDL and OpenAL) 
> where applying @trusted is acceptable?
> There's probably no one right answer, but I'd be very thankful 
> for some clarity, regardless.

In theory, you should probably actually verify the code of the 
library you are using by any means. That can be very broad and 
range from looking at the code, to using static analysis tools 
and valgrind, to fuzzing.

In practice, it really depends on how certain you need to be that 
your code is free of memory corruption errors and how much you 
trust the authors of the library (however, if they don't claim to 
have a safe interface, don't assume anything ;)).
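
An added illustration, not part of the original message and not code from either poster: one common way to keep the audit surface small is to leave the C prototype `@system` and mark only a thin wrapper `@trusted`, with the wrapper enforcing every precondition the C function leaves to its caller. The choice of `memcpy` as the foreign function and the wrapper name `copyBytes` are assumptions made for this sketch.

```d
// Added example. The C prototype stays @system: the compiler cannot
// verify anything about what the foreign code does with these pointers.
extern (C) @system nothrow @nogc
void* memcpy(void* dst, const(void)* src, size_t n);

// Hypothetical wrapper. It may be @trusted only because it checks every
// precondition memcpy leaves to the caller, so no @safe caller can cause
// memory corruption through it, whatever slices are passed in.
@trusted nothrow @nogc
bool copyBytes(ubyte[] dst, const(ubyte)[] src)
{
    if (src.length > dst.length)
        return false;               // would write past the end of dst
    if (src.length == 0)
        return true;                // nothing to copy, skip the C call

    // memcpy is undefined for overlapping regions, and slices may alias.
    const(ubyte)* d = dst.ptr;
    if (d < src.ptr + src.length && src.ptr < d + src.length)
        return false;

    memcpy(dst.ptr, src.ptr, src.length);
    return true;
}

void main() @safe
{
    auto buf = new ubyte[8];
    ubyte[] data = [1, 2, 3, 4];

    assert(copyBytes(buf, data));
    assert(buf[0 .. 4] == data);

    assert(!copyBytes(buf[0 .. 2], data));        // destination too small
    assert(!copyBytes(buf[1 .. 5], buf[0 .. 4])); // overlapping slices
}
```

The wrapper returns a status instead of using `assert` for its checks because asserts can be compiled out in release builds, while the guarantee behind `@trusted` has to hold in every build.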

