dip1000 and preview in combine to cause extra safety errors
Steven Schveighoffer
schveiguy at gmail.com
Sun Nov 13 16:06:14 UTC 2022
On 11/13/22 3:54 AM, Timon Gehr wrote:
> On 6/14/22 04:39, Steven Schveighoffer wrote:
>>
>> They are mostly marked @system, with a smattering of @safe and @trusted.
>>
>> I'll tell you what, I'll do a *whole file* at a time `winsock32.d` ...
>>
>> OK, I did it in less than 10 minutes.
>>
>> https://github.com/dlang/druntime/pull/3839
>
> There is a post-merge review of that pull request that points out that
> two of the functions cannot be `@trusted`. It seems in the current
> version of druntime in DMD master [1], they are still `@trusted`. (I
> would have commented on the pull request, but it is now archived.)
>
> [1]
> https://github.com/dlang/dmd/blob/master/druntime/src/core/sys/windows/winsock2.d
>
> I don't know much about windows sockets, so I am not sure what is the
> best way to fix this. I guess for `inet_ntoa` we should just remove
> @trusted. For `getprotobynumber`, I am not sure if we should just remove
> @trusted or if it is sufficient to mark the return value `const` (it
> seems like it might not be. Given that it says windows sockets will
> return pointers pointing to stuff it has allocated internally, it might
> also deallocate it internally at a later point?)
>
Thanks! I didn't notice that review. `getprotobynumber` also states that
the "application should copy any information that it needs before
issuing any other Windows Sockets function calls" Which suggests the
data may not be valid on a second call.
In other words, the struct contains e.g. a `char *`. If you copy that
*pointer*, it may not be valid upon a second call.
When I did the first PR, I did not focus enough on the return values.
https://github.com/dlang/dmd/pull/14639
-Steve
More information about the Digitalmars-d
mailing list