@system blocks and safer @trusted (ST) functions

Bruce Carneal bcarneal at gmail.com
Sun Jul 25 14:19:47 UTC 2021

On Sunday, 25 July 2021 at 13:42:52 UTC, Paul Backus wrote:
> On Sunday, 25 July 2021 at 12:56:33 UTC, Bruce Carneal wrote:
>> As hopefully understood from my earlier comments, these are, 
>> qualitatively, not the same thing.  You will still have to 
>> check a conversion to a new style @trusted function manually 
>> of course, no work savings there, but you'd gain something 
>> pretty important: the compiler's assertions regarding your 
>> remaining @safe code might actually mean something.
> Memory safety is a global property. If even a single line of 
> your new-style `@system`-block (or old-style `@trusted` lambda) 
> causes undefined behavior, it does not matter one bit what the 
> compiler asserts about the `@safe` code in your program: the 
> entire process is corrupted.

I do not know of any competent programmer who would say otherwise.

I also do not know what this has to do with a discussion 
regarding debasing/improving @safe.  What am I missing?

More information about the Digitalmars-d mailing list