@system blocks and safer @trusted (ST) functions

Paul Backus snarwin at gmail.com
Mon Jul 26 13:54:33 UTC 2021


On Monday, 26 July 2021 at 11:02:48 UTC, Steven Schveighoffer 
wrote:
> However, with a specification of `favoriteNumber`, 
> `favoriteElement` can be reviewed as correct:
>
> ```d
> /// Returns: a size_t between 0 and 49, inclusive
> size_t favoriteNumber() @safe;
>
> ...
> ```

If your theory of memory safety leads you to conclude that the 
presence or absence of a comment can make otherwise-unsafe code 
memory safe, you have taken a wrong turn somewhere in your 
reasoning.

I agree with you that the version with the comment is better, 
more maintainable code, and that we should hold our code to such 
standards in code review. But bad and hard-to-maintain code can 
still be memory safe (that is: free from possible UB).

