Discussion Thread: DIP 1028--Make @safe the Default--Final Review
Jonathan M Davis
newsgroup.d at jmdavisprog.com
Fri Apr 3 15:39:23 UTC 2020
On Friday, April 3, 2020 3:50:39 AM MDT Walter Bright via Digitalmars-d
wrote:
> On 3/27/2020 5:32 AM, aliak wrote:
> > So my understanding is if extern (C) is applied on a function
> > declaration, then an annotation is explicitly required?
>
> No. Without an explicit annotation, it will be the default (@safe).
Which is really, really bad, because it means that the compiler is basically
slapping @trusted on all extern(C) declarations. It's introducing a hole in
@safe, and there is absolutely no reason to do so. IMHO, _nothing_ should
ever be marked with @safe (explicitly or implicitly) unless the compiler has
actually verified that it's memory safe. As such, non-extern(D) declarations
should either be @system or @trusted, and @trusted needs to be done by the
programmer, because it indicates that the programmer is saying that they
verified that it was memory safe. It makes no sense for the compiler to ever
treat extern(C) declarations as if they were marked with @safe. For the
compiler to treat them as @safe means that it's is lying about what it's
verified.
- Jonathan M Davis
More information about the Digitalmars-d
mailing list