DIP 1025--Dynamic Arrays Only Shrink, Never Grow--Community Review Round 1

Steven Schveighoffer schveiguy at gmail.com
Mon Nov 11 17:00:07 UTC 2019


On 11/11/19 11:47 AM, Uknown wrote:
> A lot of people are bringing it up, so I'll bite. The problem with @nogc 
> is that it doesn't cover all cases. Imagine the code given in the DIP 
> like this instead:
> 
> ---lib.d
> 
> void f(int[] x) @safe pure nothrow
> {
>      x ~= 0;
> }
> 
> ---main.d
> 
> void main() @safe
> {
>      import lib: f;
>      import std.container : Array;
> 
>      Array!int x = [0, 1, 2, 3, 4];
> 
>      f(slice);
>      // x's dtor will try to free an invalid pointer
> }
> 
> Clearly here main does something that seems safe on the surface. But in 
> actuality it is clearly unsafe code. And it's hard to verify, because 
> main and the libraries used are written by completely different people.

No, you are misunderstanding a lot here.

1. f(slice), there is no symbol slice, I think maybe you mean x[]?

2. f's x is a *copy*, which means that appending to x here DOES NOT 
AFFECT main's x at all. Main's x will destroy perfectly fine, and all is 
well.

3. If @nogc is added to main, then it won't compile, because f cannot be 
@nogc. Which is quite the point people are making.

-Steve
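
Points 2 and 3 of the reply, as an added example that is not part of the original message or of the DIP. It assumes a malloc'd buffer as a stand-in for the container's storage and `scope (exit) free(p)` as a stand-in for the owner's destructor; `f` has the same shape as the quoted lib.d.

```d
import core.stdc.stdlib : malloc, free;

// Same shape as the quoted lib.d: the slice (pointer + length) is passed by value.
void f(int[] x) @safe pure nothrow
{
    x ~= 0; // grows the callee's copy; the memory is not GC-owned, so the GC allocates a new block
}

void main()
{
    // Constructed sample: memory owned by the caller, not by the GC.
    enum n = 5;
    int* p = cast(int*) malloc(n * int.sizeof);
    assert(p !is null);
    scope (exit) free(p); // assumption: stands in for the owner's destructor

    int[] x = p[0 .. n];
    foreach (i, ref e; x)
        e = cast(int) i;

    f(x);

    // Point 2: the caller's slice is untouched by the append inside f,
    // so the owner still frees the pointer it allocated.
    assert(x.ptr is p);
    assert(x.length == n);
    assert(x == [0, 1, 2, 3, 4]);

    // Point 3: a @nogc caller cannot call f, because f is not @nogc.
    static assert(!__traits(compiles, () @nogc { int[] a; f(a); }));
}
```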

