On Thursday, 27 August 2015 at 11:45:14 UTC, anonymous wrote:
On Thursday 27 August 2015 13:15, BBasile wrote:

https://github.com/BBasile/iz/blob/master/import/iz/types.d#L125 
https://github.com/BBasile/iz/blob/master/import/iz/types.d#L150 
https://github.com/BBasile/iz/blob/master/import/iz/types.d#L191

Your use of @trusted is wrong and dangerous. @trusted functions are supposed to be memory-safe, but you're marking unsafe functions with it.

Things like a @trusted `free` [1] are just plain wrong. `free` isn't memory-safe.

The problems with @trusted templates can be more subtle. Even if the template body itself doesn't do anything unsafe, the template arguments are being trusted, too. So if the template ever calls any code from the arguments (including constructors, destructors, postblits, ...), then it cannot be marked @trusted.


[1] https://github.com/BBasile/iz/blob/master/import/iz/types.d#L112

The pointer is checked before the call. Yes, it can be dangling, but free goes in pair with the newPtr funct. I plan to do better when Andrei's allocators are released:
https://github.com/BBasile/phobos/blob/showcase-construct/std/experimental/allocator/showcase.d#L105

Anyway. I cheat a bit with attributes, but as long as it's only for me... I know these kinds of functions are not phobos-level.
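The point quoted above about @trusted templates, as an added example that is not part of the thread and is not code from the iz library: a blanket @trusted on a template also trusts whatever the template arguments run, while leaving the attribute off lets the compiler infer safety per instantiation. The names `Unsafe`, `Safe`, `makeTrusted` and `makeInferred` are hypothetical.

```d
// Constructed type: its constructor is @system because it does pointer arithmetic.
struct Unsafe
{
    int* p;
    this(int* q) @system { p = q + 1; } // rejected by the compiler in @safe code
}

// Constructed type with a constructor the compiler can verify as @safe.
struct Safe
{
    int v;
    this(int x) @safe { v = x; }
}

// Anti-pattern: the whole template is @trusted, so T's constructor
// (and any destructor or postblit the body triggers) is trusted as well.
T makeTrusted(T, A...)(A args) @trusted
{
    return T(args);
}

// No safety attribute: templates get attribute inference, so each
// instantiation is @safe only if everything it calls is @safe.
T makeInferred(T, A...)(A args)
{
    return T(args);
}

void main() @safe
{
    // Verified code stays callable from @safe.
    auto ok = makeInferred!Safe(1);
    assert(ok.v == 1);

    // Compiles: the @system constructor now runs inside @safe code,
    // and the resulting out-of-bounds pointer could be dereferenced here.
    int* q = new int;
    auto laundered = makeTrusted!Unsafe(q);

    // The inferred template refuses the same instantiation in @safe code.
    static assert(!__traits(compiles,
        () @safe { int* r; return makeInferred!Unsafe(r); }));
}
```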
