@trusted and return ref
Steven Schveighoffer via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Mon Mar 2 13:25:58 PST 2015
On 3/2/15 3:38 AM, Kagamin wrote:
> On Friday, 27 February 2015 at 14:52:56 UTC, Steven Schveighoffer wrote:
>>> The counter is freed in the destructor, nothing can happen after that.
>>
>> So the code is now etched in stone and cannot be changed? Is there an
>> attribute for that? :P
>
> Changes introduces in the destructor shouldn't affect other code,
> because nothing can happen after the destructor.
Then you didn't grok my point:
(()@trusted => count = new int)();
...
someOtherMember = count; // no @trusted needed here!
...
auto x = rcarray.someOtherMember; // oops, details leaked
...
~this() { ... /* destroy count via trusted */ }
...
*x += 1; // oops, still have a dangling pointer, and this can be @safe
The point is that, EVERY change to the @safe code inside RCArray has to
be reviewed with this consideration (i.e. see if it makes a copy of
count). And that means @safe code needs to be reviewed for safety --
something Walter does not want.
-Steve
More information about the Digitalmars-d-learn
mailing list