[Issue 13572] etc.c.zlib must be nothrow

via Digitalmars-d-bugs digitalmars-d-bugs at puremagic.com
Thu Jun 23 06:16:00 PDT 2016


https://issues.dlang.org/show_bug.cgi?id=13572

--- Comment #8 from Steven Schveighoffer <schveiguy at yahoo.com> ---
@trusted means that the call should be considered @safe, but it must call some
@system functions internally. However, the marking means that the @system calls
are properly encapsulated such that the total call is @safe.

If we marked zlib @trusted, then we would be responsible for verifying all the
code is actually @safe.

You are right that if you pass invalid data into a safe function, guarantees
are lost. But we don't need to go there to prove the library is unsafe: the
zalloc and zfree functions can do anything, and the library can call them
whenever they need data. So right there, you can't mark it @trusted.

--
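The point about `zalloc` and `zfree` can be shown in a few lines of D. This is an added example, not part of the original comment and not the `etc.c.zlib` binding: `Stream`, `initStream`, `hookAlloc`, `hookFree` and `unverifiedCalls` are hypothetical names, and `initStream` is a stand-in for a library entry point that has been wrongly marked `@trusted`.

```d
import core.stdc.stdlib : free, malloc;
extern (C) // constructed stand-ins for zlib's allocator hook types
{
    alias AllocFunc = void* function(void* opaque, uint items, uint size) nothrow;
    alias FreeFunc = void function(void* opaque, void* address) nothrow;
}

struct Stream
{
    AllocFunc zalloc; // caller-supplied; @system because nothing says otherwise
    FreeFunc zfree;
}

__gshared int unverifiedCalls; // __gshared data is off limits to @safe code
// Hypothetical library entry point, deliberately mis-marked @trusted.
int initStream(ref Stream s) nothrow @trusted
{
    void* state = s.zalloc(null, 1, 64);
    if (state is null) return -1;
    s.zfree(null, state);
    return 0;
}

extern (C) void* hookAlloc(void* opaque, uint items, uint size) nothrow @system
{
    ++unverifiedCalls; // stands in for "can do anything"
    return malloc(items * size);
}

extern (C) void hookFree(void* opaque, void* address) nothrow @system
{
    ++unverifiedCalls;
    free(address);
}

int useFromSafeCode() nothrow @safe
{
    Stream s;
    s.zalloc = &hookAlloc; // storing a @system function pointer is allowed in @safe code
    s.zfree = &hookFree;
    // A direct call to the hook from @safe code does not compile.
    static assert(!__traits(compiles, () @safe { Stream t; t.zalloc(null, 1, 1); }));
    return initStream(s); // the @trusted marking lets both hooks run anyway
}
void main()
{
    assert(useFromSafeCode() == 0);
    assert(unverifiedCalls == 2);
}
```

The compiler accepts `useFromSafeCode` as `@safe` even though two unverified `@system` functions execute inside it, which is the encapsulation failure that rules out `@trusted` here.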

