Understanding DIP 1000 semantics -- Where's the bug?

Olivier FAURE couteaubleu at gmail.com
Tue Sep 24 17:01:56 UTC 2019


On Tuesday, 24 September 2019 at 13:35:04 UTC, ag0aep6g wrote:
>
> When using a pointer instead of `ref`, the code is rejected as 
> expected even with the more complex body:
>
> ----
> @safe:
>
> int* foo(int* x)
> {
>     int* a = x;
>     return x;
> }
>
> void main() {
>     int* p;
>     {
>         int x;
>         p = foo(&x); /* error here */
>     }
> }
> ----

That's a bad comparison. Refs aren't equivalent to unqualified 
pointers, they're equivalent to scope pointers. By the way, 
with the following code:

     @safe:

     int* foo(scope int* x)
     {
         int* a = x;
         return a;              // Compile error: scope variable *a* may not be returned
     }

     void main() {
         int* p;
         {
             int x;
             p = foo(&x);
         }
         *p = 1;                // Memory corruption
     }

the compiler correctly identifies that the problem isn't 
"foo(&x)", but "return a", and gives an appropriate error message.

So the problem isn't a lack of flow analysis or wrong ref 
semantics, it's that ref isn't implemented the same way as scope.

(Anyone feel like submitting a bug report? I don't have an 
account)

