@system blocks and safer @trusted (ST) functions
jfondren
julian.fondren at gmail.com
Sun Jul 25 21:04:38 UTC 2021
On Sunday, 25 July 2021 at 20:36:09 UTC, claptrap wrote:
>
> So...
>
> Call a safe function and get an int.
> Use that int to index into an array with bounds checking turned
> off.
>
> Where's the memory safety bug? In the function that returns the
> int or in the system code that bypasses bounds checking?
>

The questioner is what's at issue there, not the question.

Questioner #1: someone reviewing a patch that only changes the
@safe function. This reviewer cannot determine from just the
changes, to only @safe functions, that they won't cause the
patched program to develop an out of bounds access.
@safe/@trusted/@system is not really helping this questioner.

Questioner #2: someone reviewing a program with an out of bounds
access. This reviewer doesn't have to examine @safe functions
except when tracing the inputs to a @system block/function where
they isolated the error. @safe/@trusted/@system has potentially
saved this questioner a lot of time with getting an answer to
"Where's the memory safety bug?"