DIP1014, DIP1000 and use-after-move bugs
Max Haughton
maxhaton at gmail.com
Thu Jul 11 19:01:47 UTC 2019
On Thursday, 11 July 2019 at 13:33:03 UTC, Paul Backus wrote:
> On Thursday, 11 July 2019 at 10:19:16 UTC, Max Haughton wrote:
>> I think "DIP1000"(i.e. whatever it becomes) should eventually
>> disallow use after move.
>>
>> This should probably be by default but allow tagging a move
>> operator as safe to reuse.
>>
>> I haven't got a clue where to start an implementation but I
>> think this would be a good step once DIP1014 is implemented.
>
> I don't think this can be done without adding something like
> Rust's borrow checker to D.
>
> Since D's `move` resets the moved-from object to its .init
> value, a use-after-move is just a logic error, not undefined
> behavior, so there's nothing un-@safe about it.
wrt a borrow checker, we already have lifetimes so an extremely
basic borrow checker (if it could fit syntactically) would be
interesting.
Move: Is that still the case after DIP1014, i.e. you can do
arbitrary work in opPostMove... Right?
The system I propose is opt-in/out, i.e. avoidable either way, so
you can choose to make it an error by tagging opPostMove. This
could alleviate some fairly massive bugs that come with using
move semantics by accidentally reusing an invalid object.
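The moved-from behaviour Paul describes, as an added example that is not code from either poster or from the DIP: a struct with a destructor is moved with `std.algorithm.mutation.move`, after which the source reads as `Buffer.init` (null slice, zero id, and the default `valid = true` again), so a later use compiles, is memory-safe, and is simply wrong. The `Buffer` type and its fields are invented for the illustration.

```d
// Added example (not from the original thread). Demonstrates that Phobos'
// move() leaves the source in its .init state, so use-after-move is a
// silent logic error rather than undefined behaviour.
import std.algorithm.mutation : move;
import std.stdio : writeln;

// Hypothetical resource-owning struct. The destructor matters: Phobos only
// resets the source to .init when the type has an elaborate destructor or
// postblit; a plain POD struct is left untouched by move().
struct Buffer
{
    int[] data;         // .init is null
    int   id;           // .init is 0
    bool  valid = true; // .init is true, so the flag cannot mark "moved-from"

    ~this()
    {
        // Pretend to release `data`; with a null slice this is a no-op.
    }
}

// Returns the length the moved-from object reports, which a caller might
// wrongly expect to still be 3.
size_t useAfterMove()
{
    auto a = Buffer([1, 2, 3], 42);
    auto b = move(a);            // a is now Buffer.init

    assert(b.data == [1, 2, 3] && b.id == 42 && b.valid);
    assert(a.data is null && a.id == 0 && a.valid); // reset, and "valid"

    // Logic error: operating on the moved-from object. No UB, no crash,
    // just an empty buffer that still claims to be valid.
    return a.data.length;
}

void main()
{
    writeln("moved-from length: ", useAfterMove()); // 0, not 3
}
```

Note the caveat built into the example: because `.init` restores `valid = true`, a sentinel field cannot distinguish a fresh object from a moved-from one, which is why the thread is looking for a compiler-enforced rule (or a tagged `opPostMove`) rather than a runtime flag.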