<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Aug 15, 2016 at 4:05 PM, Dicebot via Digitalmars-d-announce <span dir="ltr"><<a href="mailto:digitalmars-d-announce@puremagic.com" target="_blank">digitalmars-d-announce@puremagic.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><span class="">On 08/15/2016 04:54 PM, Rory McGuire via Digitalmars-d-announce wrote:<br>
> okay nice, so that code would not compile but code such as:<br>
> void test() {<br>
</span><span class="">> scope rnd  = new Rnd; // reference semantic and stack allocated<br>
> auto rnd2 = rnd;<br>
</span><span class="">>         some_sneaky_function_that_<wbr>saves_global_state(rnd);<br>
> }<br>
> would still not be checked. And would crash inexplicably at the point<br>
> the global was accessed?<br>
<br>
</span>some_sneaky_function_that_<wbr>saves_global_state would have to be declared<br>
as `some_sneaky_function_that_<wbr>saves_global_state(scope Rnd rnd)` to be<br>
allowed to use rnd as argument which prevents escaping to globals.<br>
<br>
What would still be the problem is if `Rnd` contains reference to<br>
another class internally (which gets manually destroyed when Rnd is<br>
destroyed) and `some_sneaky_function_that_<wbr>saves_global_state` saves it<br>
instead - because by current design `scope` is a storage class and not<br>
transitive.<br>
<br>
</blockquote></div><br></div><div class="gmail_extra">Thanks! That is an excellent explanation. Is the below a test case for that?</div><div class="gmail_extra"><br></div><div class="gmail_extra"><div class="gmail_extra"><div class="gmail_extra"><div class="gmail_extra">import std.stdio;<br></div><div class="gmail_extra"><br></div><div class="gmail_extra">class Rnd {</div><div class="gmail_extra"><span class="" style="white-space:pre">       </span>NormalRefSemantics inner; // protecting this is irrelevant in more complex objects?</div><div class="gmail_extra"><span class="" style="white-space:pre">  </span>this() {</div><div class="gmail_extra"><span class="" style="white-space:pre">             </span>inner = new NormalRefSemantics();</div><div class="gmail_extra"><span class="" style="white-space:pre">            </span>writeln("created");</div><div class="gmail_extra"><span class="" style="white-space:pre">        </span>}</div><div class="gmail_extra"><span class="" style="white-space:pre">    </span>~this() {</div><div class="gmail_extra"><span class="" style="white-space:pre">            </span>delete inner;// this is what causes the segfault</div><div class="gmail_extra"><span class="" style="white-space:pre">             </span>writeln("destroyed");</div><div class="gmail_extra"><span class="" style="white-space:pre">      </span>}</div><div class="gmail_extra"><br></div><div class="gmail_extra"><span class="" style="white-space:pre">     </span>int i;</div><div class="gmail_extra">}</div><div class="gmail_extra"><br></div><div class="gmail_extra">void test() {</div><div class="gmail_extra"><span class="" style="white-space:pre">        </span>scope rnd  = new Rnd; // reference semantic and stack allocated<span class="" style="white-space:pre">  </span></div><div class="gmail_extra"><span class="" style="white-space:pre">     </span>auto rnd2 = rnd;</div><div class="gmail_extra"><br></div><div class="gmail_extra"><span class="" style="white-space:pre">      </span>rnd.i = 2;</div><div class="gmail_extra"><span class="" style="white-space:pre">   </span>assert(rnd2.i == 2);</div><div class="gmail_extra"><span class="" style="white-space:pre"> </span>sneaky_escape(rnd);</div><div class="gmail_extra">}</div><div class="gmail_extra"><br></div><div class="gmail_extra">void main() {</div><div class="gmail_extra"><span class="" style="white-space:pre">   </span>writeln("start test");</div><div class="gmail_extra"><span class="" style="white-space:pre">     </span>test();</div><div class="gmail_extra"><span class="" style="white-space:pre">      </span>writeln("test exited", oops);</div><div class="gmail_extra">}</div><div class="gmail_extra"><br></div><div class="gmail_extra">class NormalRefSemantics {</div><div class="gmail_extra"><span class="" style="white-space:pre">  </span>this() {</div><div class="gmail_extra"><span class="" style="white-space:pre">             </span>writeln("I'm alive");</div><div class="gmail_extra"><span class="" style="white-space:pre">  </span>}</div><div class="gmail_extra"><span class="" style="white-space:pre">    </span>~this() {</div><div class="gmail_extra"><span class="" style="white-space:pre">            </span>writeln("inner destruction");</div><div class="gmail_extra"><span class="" style="white-space:pre">      </span>}</div><div class="gmail_extra">}</div><div class="gmail_extra">NormalRefSemantics oops;</div><div class="gmail_extra">void sneaky_escape(Rnd r) {</div><div class="gmail_extra"><span class="" style="white-space:pre"> </span>oops = r.inner; // how can we protect this inner part of the class from escaping?</div><div class="gmail_extra"><span class="" style="white-space:pre">                                    </span>// would we need to mark classes and functions as "scope safe"? (similar to "thread safe")</div><div class="gmail_extra">}</div><div class="gmail_extra"><br></div><div class="gmail_extra">==</div><div class="gmail_extra">This DIP is really interesting, reminds me of back when we were playing around with "emplace".</div><div class="gmail_extra"><br></div><div class="gmail_extra">R</div></div></div></div></div>