19: Unsafe Scopes - royal-lang/rl GitHub Wiki

Certain functionality is only allowed in unsafe scopes.

A function that contains an unsafe scope can itself only be called from an unsafe scope, unless the function is trusted.

A trusted function is a function that may use unsafe behavior but is verified as safe.

Generally you should only mark a function with the trusted attribute if you are sure that it's safe.

Functionality only allowed in unsafe scopes:

  • Pointers (e.g. pointer arithmetic)
  • Calling internal functions
  • Calling external functions
  • Manual memory management
  • Accessing globally declared variables (not shared globals, since they are safe, and not thread-local globals)
  • Inline assembly

unsafe
{
    ...
}

Example:

fn int unsafeFunction()
{
    include "c_header.h";

    internal fn int cFunction();

    unsafe
    {
        return cFunction();
    }
}

var int a = unsafeFunction(); // Error. Cannot call unsafe function from safe scope.

unsafe
{
    var int b = unsafeFunction(); // Okay.
}

trusted:
fn int trustedFn()
{
    unsafe
    {
        return unsafeFunction();
    }
}

var int c = trustedFn(); // Okay in safe scope.