Discussion Thread: DIP 1028--Make @safe the Default--Final Review
Arafel
er.krali at gmail.com
Sun Apr 5 10:17:16 UTC 2020
On 5/4/20 12:06, Arafel wrote:
> ```d
> extern(C) void foo(); /* assumed @safe, or more properly, @trusted- */
> extern(C) void bar() { } /* assumed @system, why not @trusted as well? */
>
> void main() @safe {
> foo(); // OK: Here we assume the user verified the function
> bar(); // ERROR: Here we don't!!
> }
> ```
>
> Don't you find this inconsistent and confusing? For sure I do.
>
> A.
My bad, in this case bar() would be assumned @safe and verified as well,
and it would work. A better example would be:
```c
void foo(int **i) { /* assumed @trusted! */
*i = 0xDEADBEEF;
}
```
```d
extern(C) void foo(int **i); /* unsafe, but assumed @safe, or more
properly, @trusted- */
extern(C) void bar(int **i) { /* properly checked, why not assume the
user did it? */
*i = cast (int *) 0xDEADBEEF;
}
void main() @safe {
int **i;
foo(i); // OK: Here we assume the user verified the function
bar(i); // ERROR: Here we don't!!
}
```
More information about the Digitalmars-d
mailing list