memcpy() comparison: C, Rust, and D
Tobias Müller via Digitalmars-d
digitalmars-d at puremagic.com
Tue Jan 31 22:43:39 PST 2017
Walter Bright <newshound2 at digitalmars.com> wrote:
> Rust says https://doc.rust-lang.org/1.14.0/libc/fn.memcpy.html:
>
> pub unsafe extern fn memcpy(dest: *mut c_void,
> src: *const c_void,
> n: size_t)
> -> *mut c_void
>
>
> [...]
> The Rust declaration does not give us 1, 2 or 4 (because it is marked as
> unsafe). If it was safe, the declaration does not give us 2.
Using an FFI function to compare D vs Rust doesn't tell you much. Foreign
functions are usually not used directly in Rust, they are used to build
safe wrappers that will give you *all* possible guarantees, including type
safety.
As a consequence it's not necessary to augment the C declaration with
additional information.
Marking the function as safe would be wrong in Rust, because dereferencing
raw pointers is unsafe. Raw pointers are not necessarily valid, even in
safe code. You need references for that guarantee. But again, raw pointers
are usually only used for FFI and to build safe abstractions.
Tobi
More information about the Digitalmars-d
mailing list