Borrowing and Ownership
rikki cattermole
rikki at cattermole.co.nz
Sun Oct 27 23:40:06 UTC 2019
On 28/10/2019 11:36 AM, Timon Gehr wrote:
> - The problem with `@trusted` is that it has no defense against `@safe`
> code destroying its invariants or accessing raw pointers that are only
> meant to be manipulated by `@trusted` code. There should therefore be a
> way to mark data as `@trusted` (or equivalent), such that `@safe` code
> can not access it.
This seems artificially restrictive for this proposal.
However, we could instead split this off into its own DIP allowing
attributes to act like visibility modifiers for variables.
I may not be convinced that this is required, but following it through
to completion would be a good idea if its done at all.
> Change the meaning of `scope`:
>
> - `scope` should apply to all types of data equally, not only built-in
> pointers and references. The most obvious use case for this is @safe
> interfacing with a C library that exposes handles as structs with an
> integer field but specifies undefined behavior if those handles are
> mismanaged. Not everything that is a manually-managed reference to
> something is a built-in pointer or reference.
A primary usecase for this type of system is systemy-handles like a
window, it would force it to remain on a single thread and can
auto-dealloc when done. Replacing refcounting (which is perfectly ok but
doesn't look great).
More information about the Digitalmars-d
mailing list