2.5.7 Safety

The keyword UNSAFE can precede the declaration of any interface or module to indicate that it is unsafe; that is, uses the unsafe features of the language. An interface or module not explicitly labeled UNSAFE is called safe.

An interface is intrinsically safe if there is no way to produce an unchecked runtime error by using the interface in a safe module. If all modules that export a safe interface are safe, the compiler guarantees the intrinsic safety of the interface. If any of the modules that export a safe interface are unsafe, it is the programmer, rather than the compiler, who makes the guarantee.

It is a static error for a safe interface to import an unsafe one or for a safe module to import or export an unsafe interface.



m3-support@elego.de