@system blocks and safer @trusted (ST) functions
Paul Backus
snarwin at gmail.com
Mon Jul 26 18:59:45 UTC 2021
On Monday, 26 July 2021 at 15:54:06 UTC, Steven Schveighoffer
wrote:
> Consider that the posix function `read` has the specification
> that it will read data from a file descriptor, put the data
> into a passed-in buffer, *up to* the amount of bytes indicated
> in the third parameter. Its prototype is:
>
> ```d
> @system extern(C) int read(int fd, void *ptr, size_t nBytes);
> ```
>
> Without reading the code of `read`, you must conclude from the
> specification that it does what it says it should do, and not
> say, ignore `nBytes` and just use the pointed-at data for as
> many bytes as it wants. [...]
> It's no different from `favoriteNumber`.
The difference between POSIX `read` and `favoriteNumber` is that
you *can* read the source code of `favoriteNumber`. It's
literally right there, in the same module. That's the entire
reason why you can be certain it returns `42`.
If `favoriteNumber` and `favoriteElement` were in different
modules, your argument would be correct, because
`favoriteElement` could no longer be certain about which version
of `favoriteNumber` it was calling.
More information about the Digitalmars-d
mailing list