@trusted considered harmful

Jonathan M Davis jmdavisProg at gmx.com
Fri Jul 27 20:34:30 PDT 2012


On Friday, July 27, 2012 23:28:17 Michel Fortin wrote:
> On 2012-07-28 03:24:58 +0000, Michel Fortin <michel.fortin at michelf.ca> said:
> > On 2012-07-28 00:08:28 +0000, "David Nadlinger" <see at klickverbot.at> said:
> >> @trusted in its current form needs to go. Its design is badly broken,
> >> as it leaks implementation details and encourages writing unsafe code.
> > 
> > @trusted is a dangerous thing. Since the first time I tried to use it,
> > I always found it troublesome. I agree it needs to be a scope. And for
> > backward compatibility, a @trusted function should be exactly the same
> > as a @safe function where the whole body is wrapped in a @trusted scope.
> 
> And when I say it "needs to be a scope", what I meat is a block. I
> don't think it should be a new scope unless someone finds a good reason
> for it (unsafe struct destructors?)

If you need another scope, you can always just use a second set of braces, but 
if an @trusted block introduces another scope, there's no way to make it _not_ 
introduce one (not without adding more syntax to make it not introduce one 
anyway).

- Jonathan M Davis


More information about the Digitalmars-d mailing list