• Eduard Staniloiu (10/10) Dec 12 2018 Anybody knows why `std/uni.ReallocPolicy`'s `realloc` and
• Steven Schveighoffer (10/19) Dec 13 2018 From the stand point of that PR, nothing changed except the ability to

Eduard Staniloiu <edi33416 gmail.com> writes:

Anybody knows why `std/uni.ReallocPolicy`'s `realloc` and 
`destroy` are ` trusted`?
Those were introduced by this PR: 
https://github.com/dlang/phobos/pull/6041/files

`realloc` and `destroy` are never ` safe` solely from their point 
of view, as they don't know if there are any references to the 
memory they are freeing. The caller has this information and he 
can safely make the call to them ` trusted`.

Cheers,
Edi

Steven Schveighoffer <schveiguy gmail.com> writes:

On 12/12/18 4:42 AM, Eduard Staniloiu wrote:
 Anybody knows why `std/uni.ReallocPolicy`'s `realloc` and `destroy` are 
 ` trusted`?
 Those were introduced by this PR: 
 https://github.com/dlang/phobos/pull/6041/files
 
 `realloc` and `destroy` are never ` safe` solely from their point of 
 view, as they don't know if there are any references to the memory they 
 are freeing. The caller has this information and he can safely make the 
 call to them ` trusted`.

From the stand point of that PR, nothing changed except the ability to 
build with dip1000 I think. Instead of the struct being tagged  safe, 
and the functions inside tagged  trusted, the whole thing was tagged 
 trusted.

And I 100% agree, that shouldn't have been  safe or  trusted ever.

The correct way to do this would be to hoist the  trusted tag out to the 
usage of those structs. But I don't know enough about the code to make 
an informed recommendation.

-Steve