
digitalmars.D.bugs - [Issue 20490] New: malloc and free should be @safe / @trusted


          Issue ID: 20490
           Summary: malloc and free should be @safe / @trusted
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: minor
          Priority: P1
         Component: druntime
          Assignee: nobody puremagic.com
          Reporter: n8sh.secondary hotmail.com

malloc and calloc should be @trusted because by specification they cannot
corrupt memory regardless of what arguments they are passed. core.stdc.stdlib.d
has this comment explaining why they aren't @trusted:

// We don't mark these @trusted. Given that they return a void*, one has
// to do a pointer cast to do anything sensible with the result. Thus,
// functions using these already have to be @trusted, allowing them to
// call @system stuff anyway.

That comment is longer than just writing @trusted twice. Moreover, since that
comment was written Phobos has adopted the style of wrapping individual
statements in @trusted lambdas instead of marking entire functions as @trusted.

Jan 08 2020
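
An added example, not part of the original report or of druntime: the @trusted-lambda style the report mentions, applied to a malloc call inside a @safe function. The helper name allocInts is hypothetical; the point is that the manually verified part is the cast and the slice length, which must match the allocation size.

```d
import core.stdc.stdlib : malloc, free;

// Hypothetical helper: allocate n zeroed ints from the C heap.
int[] allocInts(size_t n) @safe nothrow @nogc
{
    // Reject sizes whose byte count would overflow; otherwise the slice
    // built below could be longer than the block malloc returned.
    if (n == 0 || n > size_t.max / int.sizeof)
        return null;

    // With malloc declared @system (the state the report describes), the
    // call and the cast share one @trusted lambda. Only these lines need
    // manual review; the rest of the function is compiler-checked.
    int[] a = (() @trusted {
        auto p = cast(int*) malloc(n * int.sizeof);
        return p is null ? null : p[0 .. n];
    })();

    a[] = 0; // bounds-checked slice operation, allowed in @safe code
    return a;
}

void main() @safe
{
    auto a = allocInts(4);
    if (a is null)
        return;
    a[3] = 7; // in bounds; a[4] would raise a RangeError instead of corrupting memory

    // Releasing the block is the caller's promise that no other reference
    // to it is used afterwards, so it sits in its own @trusted lambda.
    () @trusted { free(a.ptr); }();
}
```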