On Tuesday, 2 September 2014 at 14:33:53 UTC, Dmitry Olshansky
wrote:
31-Aug-2014 17:47, Dmitry Olshansky пишет:
Quite recently a lot of work has been done to make most of
Phobos usable
in @safe code.
...
What do you guys think?
Probably a lot of people missed the point that if we
standardize a few idioms (dangerous but at least centralized)
we at least can conveniently contain the "abuse" of @trusted to
the select standard module. Else it *will* be abused in a
multitude of ways anyway.
I think it's probably hard to appreciate where you are coming
from, until you've reviewed code for things such as Appender
and/or emplace. I swear there was 1 point where roughly 25% of
the lines of code in that thing where wrapped in a trusted lambda.
1 issue I find with your proposal, is (personally), I've seldom
had to *call* unsafe functions in a trusted fashion, but rather,
had to do unsafe *things*:
if (capacity > slice.length)
slice = @trusted(){return slice.ptr[0 .. slice.length +
1];}();
In such context, "call!" wouldn't help much. That said, there are
also plenty of cases where we call memcpy (just grep
"trustedMemcpy" in phobos), where your proposal would help.
Also: There's already a help "addressOf" somewhere in phobos.
It's meant mostly to take the address of property return values.
Instead of providing "addressOf" in std.trusted, you could simply
do a "call!" of the not-trusted generic "addressOf". Just a
thought.