@trust is an encapsulation method, not an escape

Walter Bright via Digitalmars-d digitalmars-d at puremagic.com
Fri Feb 6 14:52:59 PST 2015


On 2/6/2015 2:39 PM, Meta wrote:
> On Friday, 6 February 2015 at 22:24:48 UTC, Walter Bright wrote:
>> Rust has "unsafe" blocks with specific instructions that it cannot be verified
>> mechanically and it is up to the programmer to ensure a safe interface to it.
>>
>> So no, Rust didn't get that working, either, and it is far beyond current
>> compiler technology to do it.
>
> Rust guarantees, though, that all code outside of unsafe blocks/functions is
> completely safe, which D doesn't do because of trusted. I think that `unsafe` in
> Rust is more like @trust in D, but I'm not completely sure about that.

Rust guarantees no such thing, because it is explicitly up to the Rust 
programmer to verify a safe interface to unsafe code blocks.

It is no different from the D @trusted programmer verifying a safe interface to 
@trusted code.


More information about the Digitalmars-d mailing list