dip1000 and preview in combine to cause extra safety errors
Dennis
dkorpel at gmail.com
Thu Jun 9 14:46:44 UTC 2022
On Thursday, 9 June 2022 at 01:18:30 UTC, Steven Schveighoffer
wrote:
> For some reason, while you can't return a pointer to a local,
> you can return a scope pointer.
A pointer to a local is guaranteed to be a dangling pointer when
you return it, while a `scope` pointer is not guaranteed to be
memory with limited lifetime when you return it. `scope` is only
a conservative compile-time approximation of what's actually
happening, which makes it susceptible to false positives:
```D
int* f(int x) @safe {
int* p = &x; // p is inferred scope here
p = new int; // p is no longer pointing to stack memory
return p; // Error: scope variable `p` may not be returned
}
```
This function could be permitted as @system or @trusted code.
More information about the Digitalmars-d
mailing list