DIP 1021--Argument Ownership and Function Calls--Community Review Round 1
Nick Treleaven
nick at geany.org
Thu Jul 18 11:30:12 UTC 2019
On Thursday, 18 July 2019 at 11:16:02 UTC, ag0aep6g wrote:
> I'm not sure if there's a meaningful difference between your
> code and mine. You're calling the destructor explicitly with
> `destroy`, so it's practically the same as my `clear` method,
> no?
I think the difference is that destroy takes an S by ref, so the
compiler could raise an error about p potentially outliving s:

    void maybeBad(ref S s); // might call s.destroy
    scope p = s.get;
    s.maybeBad;
    // p may now be invalid

But I don't think this is proposed by this DIP or supported by
DIP 1000.
> Anyway, I think we're on the same page: The goal of DIP 1021
> seems to be to allow marking calls to `free` (and similar
> functions) as @trusted in certain situations. The DIP should
> say this, and give an example.
I realized my example shouldn't mark the destructor as @trusted,
because of the DIP limitation section:
https://github.com/dlang/DIPs/blob/793f83911fdc8c88c6ef34e6a36b5e11e3e574e5/DIPs/DIP1021.md#limitations
> That's a common hack, but strictly speaking it's an invalid use
> of @trusted. An @trusted function must be safe regardless of
> where it's called from. I.e., it must also be safe when called
> from within the same module.
So we need C++ private then.
> But finding a solution to that problem is probably outside of
> the scope of the DIP being discussed.
Yes.