D not considered memory safe
Dukc
ajieskola at gmail.com
Sun Jul 14 13:34:49 UTC 2024
Dennis kirjoitti 13.7.2024 klo 20.16:
> On Thursday, 11 July 2024 at 16:26:59 UTC, Walter Bright wrote:
>> The way to do it incrementally is to start by labeling each function
>> @trusted, then making them @safe one by one.
>>
>> I've done this, it works.
>
> I know you've done the first part, because there's now 1122 `@trusted`
> functions in dmd.backend. Many of them have an unsafe interface such as:
>
> ```D
> @trusted
> void list_delete(list_t list) { free(list); }
> ```
>
> Not much actual `@safe` code has come from it unfortunately.
>
Why in the world Walter did that?
He has complained that lambdas like `(@trusted { list.list_delete();
})()` are a bad practice, since they hide the fact a `@safe` function is
actually calling unsafe functions. But isn't this much worse? Not only
are `@safe` functions calling unsafe functions, there isn't even a
`@trusted` in the function body to warn about the fact!
I'd have expected Walter to mark the calling functions `@trusted`
instead, if he feels the lambda trick is too dangerous.
More information about the Digitalmars-d
mailing list