On Thursday, 11 July 2019 at 19:37:38 UTC, Nathan S. wrote:
If you know that what you're doing cannot result in memory
corruption but the compiler cannot automatically infer @safe,
it is appropriate to use @trusted. (For this case make sure
you're not returning the byte slices, since if the arguments
were allocated on the stack you could end up with a pointer to
an invalid stack frame. If it's the caller's responsibility to
ensure the slice doesn't outlive the struct then it is the
caller that should be @trusted or not.)
Yes, @trusted is an option. I mean it's a good solution, but from
the standpoint of the language user, it seems unfortunate that
for the case static types
@trusted has to be used while the array one can be @safe:
int memcmp(T)(const T[] s1, const T[] s2) @safe
{
const byte[] s1b = (cast(const(byte[]))s1)[0 .. s1.length *
T.sizeof];
const byte[] s2b = (cast(const(byte[]))s2)[0 .. s2.length *
T.sizeof];
}
