--- Comment #55 from Steven Schveighoffer <schvei...@yahoo.com> 2012-06-04
13:34:50 PDT ---
(In reply to comment #53)
> (In reply to comment #51)
> > (In reply to comment #48)
> > > Here, calling gun needs to be safe under _any_ circumstances.
> > No, it does not. Once you use @trusted, the compiler stops checking that
> > it's
> > @safe.
> Yes, it does. As you noted correctly, you as the one implementing gun() must
> take care of that, the compiler doesn't help you here. But still, you must
> ensure that gun() never violates memory safety, regardless of what is passed
> in, because otherwise it might cause @safe code to be no longer memory safe.
I think I misunderstood your original point. I thought you were saying that
gun must be *prevented from* modifying other memory relative to its parameter.
Were you simply saying that gun is not stopped by the compiler, but must avoid
it in order to maintain safety? If so, I agree, for your example.
I can also see that my response was misleading. I did not mean it should not
be safe, I meant it's not enforced as safe. Obviously something that is
@trusted needs to maintain safety.
> On a related note, the distinction between @safe and @trusted (especially the
> difference in mangling) is a horrible abomination and should die in a fire.
> @safe and @system are contracts, @trusted is an implementation detail – mixing
> them makes no sense.
I'm not sure what you're saying here, but @trusted is *definitely* needed.
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------