What exactly does "@safe" mean?

Maxim Fomin maxim at maxim-fomin.ru
Sat Jun 1 14:45:59 PDT 2013


On Saturday, 1 June 2013 at 21:41:40 UTC, Jonathan M Davis wrote:
> They're guaranteed to not introduce any such behavior. They 
> can't possibly
> make any guarantees if the caller did @system operations and 
> passed a bad
> pointer to the @safe function. But if all of the functions in 
> the call stack
> are @safe, and you call an @safe function, then you can't get 
> any memory
> corruption unless it (or a function that it calls) calls an 
> @trusted function
> which was incorrectly verified by the programmer who marked it 
> as @trusted.
>
> - Jonathan M Davis

Updated example from above to show how @safe can introduce UB.

import std.stdio;

class A
{
    int[] data;
    ~this()
    {
       writeln(data);
    }
}

void foo(int[] a) @safe
{
    A x = new A;
    x.data = a;
}

void main() @safe
{
    int[4] y;
    foo(y);
}


More information about the Digitalmars-d mailing list