DIP1000 scope inference
Dukc
ajieskola at gmail.com
Wed Oct 26 12:49:20 UTC 2022
On Wednesday, 26 October 2022 at 08:03:37 UTC, Walter Bright
wrote:
> On 10/24/2022 6:35 PM, Steven Schveighoffer wrote:
>> In a `@trusted` function today, without dip1000, the above is
>> perfectly reasonable and not invalid. Will dip1000 make it
>> corrupt memory?
>
> A very good question. Clearly, having code work when it is
> @safe, but cause memory corruption when it is marked @trusted,
> is the wrong solution. This should never happen. I'm not sure
> what the solution should be here.
It's not quite exactly that. The code in question fails with
`@safe`.
The problem is that Steven's `@trusted` code not only happens to
work, but is defined behaviour without dip1000, yet undefined
behaviour with `-preview=dip1000`.
My proposal: disable local variable `scope` inference for
`@system` and `@trusted` code. This has the downside that it's
difficult to test whether the implementation really turns the
inference off. But unless we're ready to ditch `scope` inference
altogether I can't come up with anything better.
More information about the Digitalmars-d
mailing list