specify @trusted functions must have @safe interface #3076
dlang-bot merged 1 commit into dlang:master from
Thanks for your pull request, @WalterBright!
Bugzilla references
Your PR doesn't reference any Bugzilla issue. If your PR contains non-trivial changes, please reference a Bugzilla issue or create a manual changelog.
Thanks @WalterBright! FWIW here is the phrasing that was deleted from the spec when changes were made to reflect -dip1000:
spec/memory-safe-d.dd
Outdated
| `@safe` functions. For this reason they should be very limited in the scope of their use. Typical uses of | ||
| `@trusted` functions include wrapping system calls that take buffer pointer and length arguments separately so that | ||
| @safe` functions may call them with arrays.) | ||
| @safe` functions may call them with arrays. `@trusted` functions must have an `@safe` interface.) |
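Review bot: the sentence added on the last line sits inside the closing parenthesis of the aside about typical uses, so a normative "must" requirement reads as a parenthetical remark. Consider moving "`@trusted` functions must have an `@safe` interface." out of the parentheses as its own sentence, and either say what such an interface is or link to where it is defined, since the visible text never explains the term.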
It might be better to phrase this as:
`@trusted` functions must have a safe interface
or:
`@trusted` functions must have a memory-safe interface
to avoid confusion between safe and @safe (if that makes sense). Cf. how things were phrased in the original version of the spec (link in separate comment by me).
Would it be useful to provide an example of a "memory-safe interface"?
> Would it be useful to provide an example of a "memory-safe interface"?
We already have examples on another page: https://dlang.org/spec/function.html#safe-interfaces. Don't repeat all that. Just link there.
Fix omission from #2453 (comment)
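An added illustration, not part of this PR or of the D spec, of the wrapper pattern the spec text under review describes: a C function that takes a buffer pointer and a length separately, wrapped so that `@safe` code calls it with an array. The names `fillRaw`, `fill` and `filled` are hypothetical.

```d
import core.stdc.string : memset;

// NOT a safe interface. @trusted tells the compiler that every call
// reachable from @safe code is memory-safe, but pointer and length
// arrive separately, so nothing ties `n` to the allocation behind `p`.
// @safe code may legally write `fillRaw(&buf[0], 4096, 0)` for a
// 16-byte `buf`, and the compiler will accept it.
@trusted void fillRaw(ubyte* p, size_t n, ubyte value)
{
    memset(p, value, n);
}

// Safe interface. The slice carries pointer and length together, and
// @safe code cannot forge a slice whose length exceeds its allocation,
// so no argument a @safe caller can construct makes memset write out
// of bounds. Only this body needs manual review.
@trusted void fill(ubyte[] buf, ubyte value)
{
    if (buf.length)
        memset(buf.ptr, value, buf.length);
}

// A @safe caller: the compiler checks this function mechanically and
// relies on the @trusted promise made by fill().
@safe ubyte[] filled(size_t n, ubyte value)
{
    auto buf = new ubyte[](n);
    fill(buf, value);
    return buf;
}

void main() @safe
{
    auto a = filled(16, 0xAA);
    assert(a.length == 16);
    foreach (b; a)
        assert(b == 0xAA);

    // Slicing is bounds-checked in @safe code, so a sub-range is
    // also a valid argument to the safe interface.
    fill(a[4 .. 8], 0);
    assert(a[3] == 0xAA && a[4] == 0 && a[7] == 0 && a[8] == 0xAA);
}
```

Marking `fillRaw` as `@system` instead would make the compiler reject calls to it from `@safe` code, which is the correct attribute for an interface whose safety depends on the caller.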