On 2/1/2017 6:39 AM, Cody Laeder wrote:
The _traditional_ C-like memcpy [3] in the stdlib. It is unsafe, and carries no
side effects for the src buffer. It enforces type safety, but it cannot enforce
memory safety as you can blow past the allocation side on your dst buffer (hence
why it is unsafe).

It also does not guarantee the function does not save a copy of those pointers and dereference them later.

Programmers "know" this to be true for memcpy, but the compiler cannot know this from the Rust (or C) declaration. The D version does present this guarantee by annotating it with 'pure'.

This matters because such a saved pointer can become a dangling reference - a memory corruption bug waiting to happen.

[Note: in Rust, functions marked 'unsafe' may store copies of their arguments in globals. 'safe' functions may not access mutable global storage.]
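To make the point above concrete, here is an added Rust illustration (not from the thread or from any project): a memcpy-like function whose safe signature cannot retain `src`, beside an `unsafe` raw-pointer version that can, with a check showing the retained pointer outliving its allocation. `copy_into`, `memcpy_raw` and `LAST_SRC` are names assumed for this example, and `AtomicPtr` stands in for the `static mut` storage the post refers to.

```rust
use std::ptr::{self, null_mut};
use std::sync::atomic::{AtomicPtr, Ordering};

/// Safe, memcpy-like copy. The borrow of `src` ends when the call returns;
/// the signature itself rules out retention, because a non-'static
/// reference cannot be stored in a `static` (such a stash does not compile).
pub fn copy_into(dst: &mut [u8], src: &[u8]) -> usize {
    let n = dst.len().min(src.len());
    dst[..n].copy_from_slice(&src[..n]);
    n
}

/// Global slot modelling the hidden state a C-style memcpy could keep
/// (constructed for this example; an atomic replaces `static mut`).
static LAST_SRC: AtomicPtr<u8> = AtomicPtr::new(null_mut());

/// Raw-pointer memcpy: its declaration says nothing about whether the
/// callee keeps `src`, and here it does.
pub unsafe fn memcpy_raw(dst: *mut u8, src: *const u8, n: usize) -> *mut u8 {
    unsafe { ptr::copy_nonoverlapping(src, dst, n) };
    LAST_SRC.store(src as *mut u8, Ordering::SeqCst); // retained pointer
    dst
}

/// Returns true when the stashed pointer still names a buffer that has
/// already been freed: a dangling pointer held in global state. The pointer
/// is only compared, never dereferenced.
pub fn retained_pointer_outlives_source() -> bool {
    let src = vec![1u8, 2, 3, 4]; // constructed sample input
    let mut dst = [0u8; 4];
    let src_addr = src.as_ptr();
    unsafe { memcpy_raw(dst.as_mut_ptr(), src.as_ptr(), 4) };
    drop(src); // allocation released, but LAST_SRC still points at it
    let stash = LAST_SRC.load(Ordering::SeqCst) as *const u8;
    stash == src_addr && dst == [1, 2, 3, 4]
}
```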
