Code Safety Attributes

You will learn about the code safety attributes that a function provides in this lesson.

We'll cover the following

@safe, @trusted, and @system are about the code safety that a function provides. As with purity, the compiler infers the safety level of templates, delegates, anonymous functions, and auto functions.

@safe functions

A class of programming errors involves corrupting data at unrelated locations in memory by writing at those locations unintentionally. Such errors are mostly due to mistakes made in using pointers and applying type casts.

@safe functions guarantee that they do not contain any operation that may corrupt memory. The compiler does not allow the following operations in @safe functions:

Pointers cannot be converted to other pointer types other than void*.
A non-pointer expression cannot be converted to a pointer value.
Pointer values cannot be changed (No pointer arithmetic is allowed; however, assigning a pointer to another pointer of the same type is safe.)
Unions that have pointer or reference members cannot be used.
Functions marked as @system cannot be called.
Exceptions that are not descended from Exception cannot be caught.
Inline assembler cannot be used.
Mutable variables cannot be cast to immutable.
Immutable variables cannot be cast to mutable.
Thread-local variables cannot be cast to shared.
Shared variables cannot be cast to thread-local.
Addresses of function-local variables cannot be taken.
__gshared variables cannot be accessed.

@trusted functions

Some functions may actually be safe but cannot be marked as @safe for various reasons. For example, a function may have to call a library written in C, where no language support exists for safety in that language.

Some other functions may actually perform operations that are not allowed in @safe code, but they may be well tested and trusted to be correct.

@trusted is an attribute that communicates to the compiler that although the function cannot be marked as @safe, consider it safe. The compiler trusts the programmer and treats @trusted code as if it is safe. For example, it allows @safe code to call @trusted code.

@system functions

Any function that is not marked as @safe or @trusted is considered @system, which is the default safety attribute.

Get hands-on with 1400+ tech skills courses.

Introduction

Lifetimes, null Value and the is Operator

Type Conversions

Structs

Variable Number of Parameters

Function Overloading and Member Functions

Constructor and Other Special Functions

Operator Overloading

Introduction to Classes

Inheritance

The Object Class

Interfaces

destroy and scoped

Modules and Libraries

Encapsulation and Protection Attributes

UFCS, Properties and Contract Programming

Templates

Pragmas, alias and with

Pointers

Bit Operations

Conditional Compilation

Function Pointers, Delegates, and Lambdas

foreach with Structs and Classes

Unions, Labels, goto and Tuples

More Templates

More Functions

Mixins

Ranges

static foreach and Parallelism

Message Passing Concurrency

Data Sharing Concurrency

Fibers

Memory Management

User Defined Attributes (UDA) and Operator Precedence

Conclusion

Code Safety Attributes

@safe functions

@trusted functions

@system functions