dip1000 and preview in combine to cause extra safety errors
jmh530
john.michael.hall at gmail.com
Thu Jun 9 21:09:46 UTC 2022
On Thursday, 9 June 2022 at 15:38:10 UTC, jmh530 wrote:
> On Thursday, 9 June 2022 at 15:23:35 UTC, Timon Gehr wrote:
>> [snip]
>> There is no upside to allowing this `scope` annotation.
>
> [snip]
Below is also unintuitive as the compiler has all the information
needed to verify that the reference is escaping. Also, since the
escape analysis occurs only in @safe functions, it is assumed
that no escape happens in the @trusted one called by the @safe
one.
The situation reminds me a little of `restrict` in C. `restrict`
tells the compiler to make certain assumptions about the code,
but it is up the programmer to ensure that those assumptions are
upheld.
```d
int* a;
@safe
void foo(scope int* x) {
//a = x; //error
bar(x);
}
@trusted
void bar(scope int* x) {
a = x;
}
void main() {
int x = 1;
foo(&x);
assert(*a == 1);
}
```
More information about the Digitalmars-d
mailing list