@system blocks and safer @trusted (ST) functions

claptrap clap at trap.com
Sun Jul 25 22:05:26 UTC 2021


On Sunday, 25 July 2021 at 21:32:00 UTC, Paul Backus wrote:
> On Sunday, 25 July 2021 at 20:36:09 UTC, claptrap wrote:
>> So no that doesn't prove what you say it does, it doesn't mean 
>> favouriteNumber needs checking, it means the @system block 
>> needs checking. favouriteNumber knows nothing about the array 
>> length, to assume it does or it should is bad design.
>
> Strictly speaking, you're right; it is the `@system` block that 
> needs checking, not `favoriteNumber`.
>
> However, any time you change `favoriteNumber`, you have to 
> *re-check* the `@system` block. From a maintenance perspective, 
> this is no different from `favoriteNumber` itself requiring 
> manual checking--if someone submits a PR that changes 
> `favoriteNumber`, and you accept it without any manual review, 
> you risk introducing a memory-safety bug.

I'm sorry but it's nonsense.

You get an OOB error, it points you at the system block, you add 
bounds checking, job done.

Changing favouriteNumber doesn't introduce a bug, the bug was 
*already* there in the system block.

You can't expect favouriteNumber to be responsible for other code 
doing stupid things with its result.
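
The scenario debated in this exchange, as an added example that is not part of the original message or of either poster's code. The function bodies, the `int[50]` array, the template form, and the names `favoriteNumberChanged`, `elementUnchecked` and `elementChecked` are assumptions; a `@trusted` function stands in for the proposed `@system` block.

```d
import std.stdio : writeln;

// Constructed stand-ins for the thread's favoriteNumber: both are @safe
// and know nothing about the length of any array.
size_t favoriteNumber() @safe { return 42; }
size_t favoriteNumberChanged() @safe { return 50; } // hypothetical later edit

// Unchecked form: .ptr indexing performs no bounds check, so this function
// is memory safe only while indexFn() returns a value below 50.
int elementUnchecked(alias indexFn)(ref int[50] array) @trusted
{
    return array.ptr[indexFn()];
}

// Checked form: the trusted code validates the index itself, so its
// memory safety no longer depends on what indexFn returns.
int elementChecked(alias indexFn)(ref int[50] array) @trusted
{
    immutable i = indexFn();
    if (i >= array.length)
        throw new Exception("index out of range");
    return array.ptr[i];
}

void main() @safe
{
    int[50] data;
    foreach (i, ref v; data)
        v = cast(int) i * 2;

    // With the original index both forms read an in-range element.
    writeln(elementUnchecked!favoriteNumber(data));
    writeln(elementChecked!favoriteNumber(data));

    // After the edit, the checked form rejects the index at the boundary.
    try
    {
        writeln(elementChecked!favoriteNumberChanged(data));
    }
    catch (Exception e)
    {
        writeln("rejected: ", e.msg);
    }
    // elementUnchecked!favoriteNumberChanged(data) would also compile here,
    // in @safe code, and would read past the end of data. It is not called.
}
```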




More information about the Digitalmars-d mailing list