On Saturday, 16 July 2016 at 21:52:02 UTC, Walter Bright wrote:
> I've seen SAL before, but have not studied it. My impression is
> it is much more complex than necessary. For example,
> https://msdn.microsoft.com/en-us/library/hh916383.aspx
> describes annotations to memcpy(). I believe these are better
> handled by use of dynamic arrays and transitive const.

I suppose in the case of memcpy the compiler can catch (at the caller
side) the case when the destination buffer has insufficient size,
while D can catch it only at runtime. It's a contract expressed
with a simple grammar.
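
The two approaches contrasted in this exchange, side by side, as an added example that is not part of either post: a wrapper carrying the SAL annotations the linked MSDN page shows for memcpy(), and a length-carrying slice that is checked at run time. The names `copy_annotated`, `slice` and `slice_copy` are hypothetical, and the slice type is only a C stand-in for a dynamic array.

```c
#include <stddef.h>
#include <string.h>

/* SAL macros come from <sal.h> on MSVC. Elsewhere they are defined away so
   the file still compiles; the annotations are then documentation only. */
#ifdef _MSC_VER
#include <sal.h>
#else
#define _In_reads_bytes_(n)
#define _Out_writes_bytes_all_(n)
#endif

/* Hypothetical wrapper with the contract the MSDN page puts on memcpy:
   dest must have room for count bytes, and all of them are written. */
static void *copy_annotated(_Out_writes_bytes_all_(count) void *dest,
                            _In_reads_bytes_(count) const void *src,
                            size_t count)
{
    return memcpy(dest, src, count);
}

/* Hypothetical slice: pointer plus length, as a dynamic array carries. */
typedef struct { unsigned char *ptr; size_t len; } slice;

/* Run-time check: returns 0 on success, -1 if src does not fit in dst. */
static int slice_copy(slice dst, slice src)
{
    if (src.len > dst.len)
        return -1;              /* found while running, not by analysis */
    copy_annotated(dst.ptr, src.ptr, src.len);
    return 0;
}

int main(void)
{
    unsigned char small[4] = {0}, big[16] = {1, 2, 3, 4, 5};
    slice s = { small, sizeof small }, b = { big, sizeof big };

    /* copy_annotated(small, big, sizeof big);
       is the kind of call the annotation is meant to let static analysis
       report at the caller, because count exceeds the size of small. */

    /* The slice version refuses the oversized copy and allows the other. */
    return (slice_copy(s, b) == -1 && slice_copy(b, s) == 0) ? 0 : 1;
}
```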