@system blocks and safer @trusted (ST) functions

Dominikus Dittes Scherkl dominikus at scherkl.de
Mon Jul 26 09:08:05 UTC 2021


On Sunday, 25 July 2021 at 17:47:40 UTC, Paul Backus wrote:

> ```d
> @system {
>    return array.ptr[favoriteNumber()];
> }
> ```
>
> I make the following claims:
>
> 1. This code is memory-safe.

No, it's not. You use something that is not a literal, so it may change. Even for a constant this should be checked for each new compile. I would do that even if it actually were a literal, but here we have a function call! The definition of the called function may be far away. How would this ever pass a review? The only way to make this memory safe is to actually test it:

```d
@system {
    assert(array.length > favoriteNumber());
    return array.ptr[favoriteNumber()];
}
```
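The checked access above, as an added example that is not from the thread: current D has no `@system { }` block, so the raw-pointer index sits in a `@trusted` function, the index is evaluated once, and the check is a hard `if` so that `-release` cannot strip it the way it strips `assert`. `favoriteNumber`, `pickUnchecked`, `pickChecked`, `useIt` and the sample data are assumed names, not anything from the thread.

```d
// Added example, not the thread's code. Today's D puts the unchecked
// access in a @trusted function; the bounds check is a real `if`, not
// an assert that the -release switch would remove.
import std.stdio;

// Stand-in for the thread's favoriteNumber(): hypothetical and not pure,
// so two calls may return different values.
size_t favoriteNumber()
{
    import std.random : uniform;
    return uniform(size_t(0), size_t(8));
}

// Unchecked variant: what the quoted snippet does. @trusted silences the
// compiler, but an out-of-range index reads past the end of the slice.
int pickUnchecked(int[] array) @trusted
{
    return array.ptr[favoriteNumber()];
}

// Checked variant: index computed exactly once, validated against
// .length with a check that survives -release, then dereferenced via .ptr.
int pickChecked(int[] array) @trusted
{
    immutable idx = favoriteNumber();
    if (idx >= array.length)
        throw new Exception("index out of bounds");
    return array.ptr[idx];
}

// A @safe caller may call either; only the checked one keeps the promise.
int useIt(int[] data) @safe
{
    return pickChecked(data);
}

void main()
{
    int[] data = [10, 20, 30, 40];   // constructed sample input
    try
    {
        writeln("checked: ", useIt(data));
    }
    catch (Exception e)
    {
        writeln("rejected: ", e.msg);
    }
}
```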
