Safety, undefined behavior, @safe, @trusted

Walter Bright newshound1 at digitalmars.com
Thu Nov 5 14:29:52 PST 2009


Adam D. Ruppe wrote:
> With safe by default, you'd probably make existing code compile just by
> slapping @trusted: at the top and being done with it. That's not actually
> safe - you're just telling the compiler to shut up about it.

That's right, and it's exactly what happened when Java required 
exception specifications for all thrown exceptions. It's viral, and 
people would just write wrappers to catch/ignore all exceptions, 
intending to "fix it" later.

But the fixing later never came, and the app would silently ignore all 
errors.



More information about the Digitalmars-d mailing list