[Issue 14125] std.file has gotten out of hand
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Wed Feb 4 16:24:18 PST 2015
https://issues.dlang.org/show_bug.cgi?id=14125
--- Comment #12 from Dicebot <public at dicebot.lv> ---
(In reply to Walter Bright from comment #10)
> Consider the following code:
>
> import core.stdc.stdlib : malloc, free;
>
> @trusted void* trustedMalloc(size_t n) { return malloc(n); }
> @trusted void trustedFree(void* p) { free(p); }
>
> @safe void foo() {
>     auto p = trustedMalloc(5);
>     trustedFree(p);
>     trustedFree(p); // second free of the same pointer
> }
>
> foo() passes @safe checks, yet is able to corrupt memory. The fault is that
> the @trusted functions failed to encapsulate what they're doing and present
> a safe interface.
>
> @trusted functions must be reviewed to determine if they present a safe
> interface or not. Merely wrapping an unsafe operation is not good enough and
> must not pass review.
This is why such wrapper functions are always kept private and, as long as
possible, local to the functions they are used in.
It would help a lot if `() @trusted { foo(); }` lambdas could be 100% inlined -
then those could be used instead to prevent accidental reuse of the wrapper in
the wrong context.
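
An added example, not code from this thread or from Phobos: one way the malloc/free pair from the quoted snippet can sit behind an interface that @safe callers cannot misuse, with the unsafe pointer accesses confined to local `() @trusted { ... }()` lambdas. The `Buffer` type and its members are hypothetical names chosen for illustration.

```d
import core.stdc.stdlib : malloc, free;

// Hypothetical owner type. D's `private` is module-scoped, so everything in
// this module is part of what a reviewer has to check.
struct Buffer
{
    private ubyte* ptr;
    private size_t len;

    @disable this(this); // no copies: two owners can never free the same block

    this(size_t n) @trusted
    {
        ptr = cast(ubyte*) malloc(n);
        if (ptr is null && n != 0)
            assert(0, "allocation failed");
        len = n;
        ptr[0 .. n] = 0; // never hand out uninitialized memory
    }

    ~this() @trusted
    {
        free(ptr);  // free(null) is a no-op
        ptr = null; // a second destructor run (e.g. via destroy) frees nothing
        len = 0;
    }

    ubyte opIndex(size_t i) const @safe
    {
        if (i >= len) assert(0, "index out of range"); // kept in release builds
        // Only the raw dereference is trusted; the check above is plain @safe code.
        return () @trusted { return ptr[i]; }();
    }

    void opIndexAssign(ubyte v, size_t i) @safe
    {
        if (i >= len) assert(0, "index out of range");
        () @trusted { ptr[i] = v; }();
    }
}

@safe void foo()
{
    auto b = Buffer(5);
    b[0] = 42;
    assert(b[0] == 42);
    // auto c = b;   // compile error: Buffer is not copyable
    // free(b.ptr);  // compile error: @safe code cannot call @system free
} // the destructor releases the block exactly once

void main() { foo(); }
```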