@trusted and return ref

Steven Schveighoffer via Digitalmars-d-learn digitalmars-d-learn at puremagic.com
Mon Mar 2 13:25:58 PST 2015


On 3/2/15 3:38 AM, Kagamin wrote:
> On Friday, 27 February 2015 at 14:52:56 UTC, Steven Schveighoffer wrote:
>>> The counter is freed in the destructor, nothing can happen after that.
>>
>> So the code is now etched in stone and cannot be changed? Is there an
>> attribute for that? :P
>
> Changes introduces in the destructor shouldn't affect other code,
> because nothing can happen after the destructor.

Then you didn't grok my point:

(()@trusted => count = new int)();

...

someOtherMember = count; // no @trusted needed here!

...

auto x = rcarray.someOtherMember; // oops, details leaked

...

~this() { ... /* destroy count via trusted */ }

...

*x += 1; // oops, still have a dangling pointer, and this can be @safe

The point is that, EVERY change to the @safe code inside RCArray has to 
be reviewed with this consideration (i.e. see if it makes a copy of 
count). And that means @safe code needs to be reviewed for safety -- 
something Walter does not want.

-Steve


More information about the Digitalmars-d-learn mailing list