@trusted assumptions about @safe code
Arafel
er.krali at gmail.com
Wed May 27 17:25:58 UTC 2020
On 27/5/20 19:02, ag0aep6g wrote:
> I'm pretty sure that you agree with this: When we call C's strlen like
> so: `strlen("foo\0".ptr)`, we can assume that the result will be 3,
> because strlen is documented to behave that way.
>
There's one big difference: in @safe there are bound checks by default,
so even if you as the programmer assume that `strlen` will return the
right value, the compiler is still inserting checks at every access:
```
@safe void safeFunc() {
string foo = "foo\0");
auto len = strlen(foo);
auto bar = foo[0..len - 1]; // It'll be checked even in -release mode
}
@trusted void trustedFunc() {
string foo = "foo\0");
auto len = strlen(foo);
auto bar = foo[0..len - 1];
}
```
So it's not that you needn't checks in @safe code, it's that they are
added automatically.
More information about the Digitalmars-d
mailing list