There is an idea to make stdio.readf @trusted/@safe (reported
here: https://issues.dlang.org/show_bug.cgi?id=8471). What
currently makes it unsafe is LockingTextReader using functions
FLOCK, FUNLOCK, FGETC (aliased from extern functions, dependent
on the OS) and using a cast from 'shared(_IO_FILE)*' to
'_IO_FILE*'.
I found out that stdio.write* functions are made @safe by
declaring all methods of LockingTextWriter (similar to
LockingTextReader) @trusted and using helper function:
/**
* Property used by writeln/etc. so it can infer @safe since
stdout is __gshared
*/
private @property File trustedStdout() @trusted
{
return stdout;
}
So the obvious solution is to copy the approach of stdio.write.
The other one would be to mark underlying functions
FLOCK/FUNLOCK/FGETC @trusted (which in the process would allow to
get rid off @trusted from LockingTextWriter, except casting from
shared), but I'm not sure if it's legit as there may be some
quirks and they should not be @trusted at all.
So my question are: are both solutions presented acceptable? If
yes, which one is preferred? Or maybe there is a better one?
_______________________________________________
phobos mailing list
phobos@puremagic.com
http://lists.puremagic.com/mailman/listinfo/phobos
