@trust is an encapsulation method, not an escape
Tobias Pankrath via Digitalmars-d
digitalmars-d at puremagic.com
Fri Feb 6 09:50:04 PST 2015
> I was referring to a hypothetical "untrusted" block that might
> be used something like this:
>
> ---
> void foo(Range)(Range r) @trusted {
> // ...
>
> untrusted {
> r.front;
> }
>
> // Your manually checked code.
>
> untrusted {
> r.popFront;
> }
>
> // …
> }
> ---
Using current semantics we must not mark foo @trusted, if r.front
and
r.popFront aren't. Using the proposed @safe-blocks (are those
untrusted blocks the same?) we could guarantee that, by wrapping
the use of r.front and r.popFront in @safe-blocks.
This is limiting because now we cannot provide an foo marked
@system for all @system ranges without boiler plate or
duplicating the function.
Correct?
More information about the Digitalmars-d
mailing list