@system blocks and safer @trusted (ST) functions

Paul Backus snarwin at gmail.com
Mon Jul 26 18:59:45 UTC 2021

On Monday, 26 July 2021 at 15:54:06 UTC, Steven Schveighoffer 
> Consider that the posix function `read` has the specification 
> that it will read data from a file descriptor, put the data 
> into a passed-in buffer, *up to* the amount of bytes indicated 
> in the third parameter. Its prototype is:
> ```d
> @system extern(C) int read(int fd, void *ptr, size_t nBytes);
> ```
> Without reading the code of `read`, you must conclude from the 
> specification that it does what it says it should do, and not 
> say, ignore `nBytes` and just use the pointed-at data for as 
> many bytes as it wants. [...]
> It's no different from `favoriteNumber`.

The difference between POSIX `read` and `favoriteNumber` is that 
you *can* read the source code of `favoriteNumber`. It's 
literally right there, in the same module. That's the entire 
reason why you can be certain it returns `42`.

If `favoriteNumber` and `favoriteElement` were in different 
modules, your argument would be correct, because 
`favoriteElement` could no longer be certain about which version 
of `favoriteNumber` it was calling.

More information about the Digitalmars-d mailing list