@trust is an encapsulation method, not an escape
Vladimir Panteleev via Digitalmars-d
digitalmars-d at puremagic.com
Fri Feb 6 01:01:45 PST 2015
On Friday, 6 February 2015 at 08:58:05 UTC, Walter Bright wrote:
> On 2/6/2015 12:31 AM, Kagamin wrote:
>> On Thursday, 5 February 2015 at 23:39:39 UTC, Walter Bright
>> wrote:
>>> static void trustedMemcopy(T[] dest, T[] src) @trusted
>>> {
>>> assert(src.length == dest.length);
>>> memcpy(dest.ptr, src.ptr, src.length * T.sizeof);
>>> }
>>
>> Should be enforce: assert doesn't guard against malicious
>> usage.
>
> Cue my endless attempts to explain the difference between input
> errors and logic errors :-(
So which one is it?
On one hand, it is clearly a logic error - passing arrays of
different length is clearly a program bug.
On the other hand, this is a library function, and as you said,
we can't know how it's going to be used - so the check has to be
unconditional.
More information about the Digitalmars-d
mailing list