ImportC and nothrow/@nogc?
Manu
turkeyman at gmail.com
Sun Aug 25 11:40:06 UTC 2024
On Sun, 25 Aug 2024 at 21:31, Paolo Invernizzi via Digitalmars-d <
digitalmars-d at puremagic.com> wrote:
> On Sunday, 25 August 2024 at 10:32:31 UTC, Manu wrote:
> > On Sun, 25 Aug 2024 at 19:56, Paolo Invernizzi via
> > Digitalmars-d < digitalmars-d at puremagic.com> wrote:
> >
> >> On Saturday, 24 August 2024 at 17:43:38 UTC, Manu wrote:
> >> > On Sun, 25 Aug 2024 at 03:31, Richard (Rikki) Andrew
> >> > Cattermole via Digitalmars-d <digitalmars-d at puremagic.com>
> >> > wrote:
> >> >
> >> >> On 25/08/2024 5:10 AM, Manu wrote:
> >> >> > [...]
> >> >>
> >> >> I've been considering something along these lines.
> >> >>
> >> >> Specifically, ``@trusted`` does not mean the entire body
> >> >> shouldn't be verified. It just means that you are going to
> >> >> do something naughty that needs looking at.
> >> >>
> >> >> So you need annotated scopes inside of it, to do the
> >> >> naughty thing.
> >>
> >> Just wrote a trusted function and call it: that's the sane way
> >> to do it and respect code reviewer hard job.
> >
> >
> > ...so, because I'm going to make one single unsafe function
> > call inside of some function, I should eject all other related
> > or unrelated safety checks for the entire surrounding context?
>
> No, you should isolate the unsafe part of code into a function,
> explain why it’s unsafe, the intent of the code, the expected
> parameter values and the expected returns, so that reviewer can
> check that the interface is really memory safe.
>
> Then call this extremely simple function from the rest of safe
> code safe code.
>
>
So, this then:
extern(C) int myUnsafeFunction(int x, int y);
@trusted int myPointlessWrapper(int x, int y)
{
return myUnsafeFunction (x, y);
}
@safe mySuperSafeFunction(...)
{
//... lots of code
int r = myPointlessWrapper(arg1, arg2);
//... lots of code
}
Brilliant.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.puremagic.com/pipermail/digitalmars-d/attachments/20240825/b235a77b/attachment-0001.htm>
More information about the Digitalmars-d
mailing list