this() not executing code on structs
Denis Koroskin
2korden at gmail.com
Thu Oct 22 10:04:23 PDT 2009
On Thu, 22 Oct 2009 21:01:15 +0400, Andrei Alexandrescu
<SeeWebsiteForEmail at erdani.org> wrote:
> grauzone wrote:
>> dsimcha wrote:
>>> == Quote from grauzone (none at example.net)'s article
>>>> Andrei Alexandrescu wrote:
>>>> I'd really like to know why "scope x = new X();" is "unsafe", while
>>>> encouraging doing exactly the same with structs seems to be a
>>>> perfectly
>>>> fine idea. Allocating structs on the stack is obviously not any safer
>>>> than with classes. I don't remember the exact reasons why you wanted
>>>> to
>>>> turn "scope" into a library feature, but I think I remember something
>>>> about discouraging it for safety reasons; please forgive me is this is
>>>> wrong.
>>>
>>> Because classes in D are always passed by pointer. (Technically
>>> references, but
>>> really they're just pointers under the hood.) Returning a scope
>>> (stack-allocated)
>>> class from a function is equivalent to escaping a pointer to a stack
>>> variable.
>>> Returning a struct is done by value, just like returning an int.
>> (I'm talking about scope classes as declared in "scope class T { ...
>> }")
>> But you can't return scope classes from a function. You can't pass
>> them as ref parameters either. They're designed to be safe.
>
> I wish it was as easy as it sounds. In fact you don't need to pass scope
> classes as ref parameters - it's enough to pass them "by value" because
> they are implicitly references.
>
> You can't even safely call a method on a scope class object because that
> method may assign "this" to something escaping the scope of the method.
>
> Save for using some flavor of interprocedural escape analysis and/or
> making "scope" a function attribute, I'm not seeing how scope can be
> made safe and reasonably useful.
>
>> On the other hand, you can pass struct pointers all the way you want
>> around, and it's damn unsafe.
>> I don't get this "structs are safe because they are value types"
>> argument anyway, because the this pointer for structs is a
>> pointer/reference anyway. If it's trivial to break that "safety", can
>> you really call it "safety"?
>
> The point is that you can disable address taking altogether and still
> write a great deal of good code in D. If address taking is verboten
> (e.g. in SafeD), ref parameters can never be escaped (they will be
> scoped) and therefore they become safe, too. So within SafeD, structs
> become safe, but scope class objects still couldn't be made safe without
> heroic effort.
>
>
> Andrei
Scope classes could be disallowed in SafeD, but you can't disallow
Scope!(Object).
More information about the Digitalmars-d
mailing list