DIP1000 observation
Walter Bright
newshound2 at digitalmars.com
Mon Aug 26 06:20:18 UTC 2024
On 8/25/2024 6:28 PM, Jonathan M Davis wrote:
> I'm
> perfectly fine with manually verifying the rare case where I need to take
> the address of a local variable or slice a static array, and I do _not_ want
> to deal with figuring out where and how I need to slap scope everywhere to
> make the compiler happy - especially when it's then going to start
> complaining about stuff that worked perfectly fine and was quite memory safe
> prior to scope getting involved.
If you never take the address of a local, or a ref to a local, dip1000 is not
going to complain about your code!
For example:
```
struct S { @safe ref int bar() { } }
@safe
int* foo(int i)
{
S s;
s.bar();
return null;
}
```
compiles without error with -dip1000.
The following does error:
```
@safe int* foo(int i)
{
return bar(&i);
}
@trusted
int* bar(int* p) { return p; }
```
```
reference to local variable `i` assigned to non-scope parameter `p` calling `bar`
```
Perhaps that error check on a trusted function call should be suppressed.
More information about the Digitalmars-d
mailing list