Understanding DIP 1000 semantics -- Where's the bug?

ag0aep6g anonymous at example.com
Tue Sep 24 17:49:53 UTC 2019


On 24.09.19 19:01, Olivier FAURE wrote:
> Refs aren't equivalent to unqualified pointers, 
> they're equivalent to scope pointers.

Whether `ref` does or should imply `scope` is the topic of the discussion.

> By the way, with the following 
> code:
> 
>      @safe:
> 
>      int* foo(scope int* x)
>      {
>          int* a = x;
>          return a;              // Compile error: scope variable *a* may not be returned
>      }
> 
>      void main() {
>          int* p;
>          {
>              int x;
>              p = foo(&x);
>          }
>          *p = 1;            // Memory corruption
>      }
> 
> the compiler correctly identifies that the problem isn't "foo(&x)", but 
> "return a", and gives an appropriate error message.
> 
> So the problem isn't a lack of flow analysis or wrong ref semantics, 
> it's that ref isn't implemented the same way as scope.

I think we're almost on the same page now. There are two ways to attack 
the issue:

1) Make `ref int` more like `scope int*`. I.e., disallow `return a;`.
2) Make `ref int` more like (unqualified) `int*`. I.e., disallow `foo(&x);`.

Your vote is for #1. My vote is for #2. But mine is just a preference. I 
wouldn't fight against #1.

