DIP 36: Rvalue References

Tue Apr 23 13:03:38 PDT 2013

On 04/23/2013 09:51 PM, Steven Schveighoffer wrote:
> On Tue, 23 Apr 2013 15:40:35 -0400, Timon Gehr <timon.gehr at gmx.ch> wrote:
>
>
>> Safety should be guaranteed in @safe code. There is no point in
>> conservatively disallowing perfectly fine @system code on the basis of
>> safety concerns, unless, of course, the type system is advanced enough
>> to prove safe all relevant use cases.
>
> I agree with this.  If @safe code is all that is affected, we will be
> well off.  We can also disallow known bad cases in non- at safe code.
>
> -Steve

Another possibility I consider fine is to implement what Andrei suggests 
and then allow @system code to cast around the conservative escape 
checks using something like eg. cast(scope).

struct CodeGen{
     struct Label{
         CodeGen* outer;
     }
     Label makeLabel(){ return Label(&this); } // error
}

struct CodeGen{
     struct Label{
         CodeGen* outer;
     }
     Label makeLabel(){ return Label(cast(scope)&this); } // ok
}

The best way to fix this would of course be to introduce lifetimes as an 
explicit type system feature. (Though if I was allowed to add that kind 
of complexity to the type system, I'd do many things very differently.)