Discussion Thread: DIP 1028--Make @safe the Default--Final Review
Steven Schveighoffer
schveiguy at gmail.com
Sun Apr 5 14:29:40 UTC 2020
On 4/5/20 6:17 AM, Arafel wrote:
> ```d
> extern(C) void foo(int **i); /* unsafe, but assumed @safe, or more
> properly, @trusted- */
> extern(C) void bar(int **i) { /* properly checked, why not assume the
> user did it? */
> *i = cast (int *) 0xDEADBEEF;
> }
Just to clarify, the DIP marks all functions @safe by default, which
means bar will fail to compile.
In my proposal to change it, bar would compile, both it and foo would be
marked @system (even in the cases where bar was actuallly @safe).
>
> void main() @safe {
> int **i;
> foo(i); // OK: Here we assume the user verified the function
> bar(i); // ERROR: Here we don't!!
> }
> ```
The compiler won't get this far, bar will fail first.
-Steve
More information about the Digitalmars-d
mailing list