Discussion Thread: DIP 1035--@system Variables--Final Review
Dennis
dkorpel at gmail.com
Mon Feb 21 22:56:30 UTC 2022
On Monday, 21 February 2022 at 21:50:31 UTC, Paul Backus wrote:
> If the goal is being able to define custom pointer types, then
> the DIP should use that as an example instead of talking about
> file descriptors, and it should explain *exactly* which part of
> the example depends on this feature for memory safety (as the
> other examples do).
A double `fclose` on a `FILE*` is basically a double free. I
thought the same would apply to raw file descriptors, but I just
read that a double `close` simply results in an `EBADF` error, so
maybe it's not a good example.
> I still don't think it's a compelling use-case, though.
> [`TailUnqual`][1] does something very similar, using the
> `union` workaround, and it would not benefit from having access
> to `scope`-checked integers because (a) it stores a `size_t`,
> so eliminating the `union` wouldn't save any space; and (b) it
> needs the `union` for correct GC scanning regardless.
Yes, TailUnqual doesn't need `scope`-checked integers, but that
doesn't mean other code doesn't need it. I added the rule for two
reasons:
- The compiler currently has a notion of a type that
`hasPointers`. The extra complexity of adding a notion
`hasSystemVariables` was daunting, but then I thought we could
just make them the same. I think that would not only simplify the
implementation, but also the feature in general. It makes it easy
to draw a parallel to a pointer and a `@system size_t`.
- Some people asked for the feature (see links in the rationale
section)
I can improve the DIP text, but I'm not yet convinced the rule
should be scrapped.