@trusted attribute should be replaced with @trusted blocks

IGotD- nise at nise.com
Wed Jan 15 23:24:38 UTC 2020

On Wednesday, 15 January 2020 at 23:01:57 UTC, Joseph Rushton 
Wakeling wrote:
> Presumably your programs are therefore self-crafted binary, 
> since you couldn't possibly trust the humans who wrote the 
> standard library to write valid code, or the compiler writers 
> to translate it correctly into machine instructions? :-)

@safe is a subset of D that guarantees no memory corruption. The 
only way to ensure this is if the compiler have all the source 
code (will object code also work?) and can check that all the 
calls are also @safe. If this condition is not met, it is not 
safe by definition. @trusted code has reduced memory guarantees 
and can also call unsafe code further along the line and 
therefore unsafe.

@trusted is therefore impossible and the criteria cannot be met. 
It's just a badge meaning nothing.

> I think you're getting caught up on the choice of terminology.  
> It's just a hierarchy of guarantees:

No, I'm caught up in the semantics. I see that a condition cannot 
be met and therefore unnecessary. @trusted is an oxymoron.

More information about the Digitalmars-d mailing list