The "@safe vs struct destructor" dilemma
Nick Sabalausky
SeeWebsiteToContactMe at semitwist.com
Sat Apr 12 18:30:50 PDT 2014
On 4/12/2014 7:08 PM, Dicebot wrote:
> On Saturday, 12 April 2014 at 22:02:26 UTC, Nick Sabalausky wrote:
>> *Now* doStuff can be marked @safe and enjoy all the special checks
>> that @safe provides.
>
> _and_ is terribly wrong because it is not guaranteed to be @safe for all
> use cases, braking type system once used anywhere but "special" functions.
>
If, as you say, this is wrong:
----------------------------------
@system auto foo() {...}
// Note, I meant for trustedWrapperWhatever to be private
// and placed together with doStuff. Obviously not a public
// func provided by foo's author.
@trusted private auto trustedWrapperFoo(...) {...}
@safe void doStuff() {
...stuff...
// Yes, as the author of doStuff, I'm acknowledging
// foo's lack of @safe-ty
trustedWrapperFoo();
...stuff...
}
----------------------------------
Then how could this possibly be any better?:
----------------------------------
@system auto foo() {...}
@trusted void doStuff() {
...stuff...
foo();
...stuff...
}
----------------------------------
The former contains extra safety checks (ie, for everything in
"...stuff...") that the latter does not. The former is therefore better.
More information about the Digitalmars-d
mailing list