@trust is an encapsulation method, not an escape
Walter Bright via Digitalmars-d
digitalmars-d at puremagic.com
Thu Feb 5 21:32:46 PST 2015
On 2/5/2015 9:00 PM, "Ola Fosheim =?UTF-8?B?R3LDuHN0YWQi?=
<ola.fosheim.grostad+dlang at gmail.com>" wrote:
> On Thursday, 5 February 2015 at 23:39:39 UTC, Walter Bright wrote:
>> static void trustedMemcopy(T[] dest, T[] src) @trusted
>> {
>> assert(src.length == dest.length);
>> memcpy(dest.ptr, src.ptr, src.length * T.sizeof);
>> }
>>
>> I don't have to review callers of trustedMemory() because it encapsulates an
>> unsafe operation (memcpy) with a safe interface.
>
> It might have done so if it ensured that T was a proper value type, but
> unfortunately D's type system is not strong enough.
>
> What happens if T is a unique_ptr style reference? Ouch, two unique references
> to the same object. Ouch, memory unsafe.
Good point. Then a constraint can be added to the function signature that T is
copyable.
D's type system is strong enough for that.
More information about the Digitalmars-d
mailing list