--- Comment #55 from Steven Schveighoffer <> 2012-06-04 
13:34:50 PDT ---
(In reply to comment #53)
> (In reply to comment #51)
> > (In reply to comment #48)
> > > Here, calling gun needs to be safe under _any_ circumstances.
> > 
> > No, it does not.  Once you use @trusted, the compiler stops checking that 
> > it's
> > @safe.
> Yes, it does. As you noted correctly, you as the one implementing gun() must
> take care of that, the compiler doesn't help you here. But still, you must
> ensure that gun() never violates memory safety, regardless of what is passed
> in, because otherwise it might cause @safe code to be no longer memory safe.

I think I misunderstood your original point.  I thought you were saying that
gun must be *prevented from* modifying other memory relative to its parameter. 
Were you simply saying that gun is not stopped by the compiler, but must avoid
it in order to maintain safety?  If so, I agree, for your example.

I can also see that my response was misleading.  I did not mean it should not
be safe, I meant it's not enforced as safe.  Obviously something that is
@trusted needs to maintain safety.

> On a related note, the distinction between @safe and @trusted (especially the
> difference in mangling) is a horrible abomination and should die in a fire.
> @safe and @system are contracts, @trusted is an implementation detail – mixing
> them makes no sense.

I'm not sure what you're saying here, but @trusted is *definitely* needed.

Configure issuemail:
------- You are receiving this mail because: -------

Reply via email to