http://d.puremagic.com/issues/show_bug.cgi?id=8185
--- Comment #55 from Steven Schveighoffer <schvei...@yahoo.com> 2012-06-04 13:34:50 PDT --- (In reply to comment #53) > (In reply to comment #51) > > (In reply to comment #48) > > > Here, calling gun needs to be safe under _any_ circumstances. > > > > No, it does not. Once you use @trusted, the compiler stops checking that > > it's > > @safe. > > Yes, it does. As you noted correctly, you as the one implementing gun() must > take care of that, the compiler doesn't help you here. But still, you must > ensure that gun() never violates memory safety, regardless of what is passed > in, because otherwise it might cause @safe code to be no longer memory safe. I think I misunderstood your original point. I thought you were saying that gun must be *prevented from* modifying other memory relative to its parameter. Were you simply saying that gun is not stopped by the compiler, but must avoid it in order to maintain safety? If so, I agree, for your example. I can also see that my response was misleading. I did not mean it should not be safe, I meant it's not enforced as safe. Obviously something that is @trusted needs to maintain safety. > On a related note, the distinction between @safe and @trusted (especially the > difference in mangling) is a horrible abomination and should die in a fire. > @safe and @system are contracts, @trusted is an implementation detail – mixing > them makes no sense. I'm not sure what you're saying here, but @trusted is *definitely* needed. -- Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email ------- You are receiving this mail because: -------