Should phobos functions generally be @safe or @trusted?
Chris Wright via Digitalmars-d
digitalmars-d at puremagic.com
Thu Jan 21 19:43:53 PST 2016
I wanted to use std.array.insertInPlace in a @safe module. It's not
marked @safe or @trusted. The string implementation uses pointer
arithmetic, and the non-string implementation uses memmove.
Should things like this be marked @trusted in general?
Presumably if a function isn't memory-safe, it doesn't just cause memory
errors arbitrarily; there's likely something the caller has to do to
ensure the function doesn't crash or cause memory corruption. It seems
like that should be documented. When it's not documented, I start feeling
a bit paranoid.
Should it be a bug if a non- at safe, non- at trusted function doesn't document
what you need to do to call it safely?
More information about the Digitalmars-d
mailing list