Type state analysis
Dukc
ajieskola at gmail.com
Sat Apr 13 09:59:13 UTC 2024
On Wednesday, 10 April 2024 at 19:47:03 UTC, Richard (Rikki)
Andrew Cattermole wrote:
> On 11/04/2024 7:31 AM, Atila Neves wrote:
>> Unless I'm missing something, that's exactly what DIP1000
>> does? How else would "order of invalidation" work except
>> through scopes? Explicit destruction? Why do that??
>
> See my earlier example:
>
> ```d
> Parent* parent;
> Field* child = &parent.field;
> parent.destroy;
> Field value = *child;
> ```
>
> That simply shouldn't compile.
Assuming you meant `destroy(*parent);` instead of destroying only
the pointer to it.
`destroy` runs the destructor of the object, but it doesn't free
it. It even sets it to it's `.init` value so that it's known
exactly what any further calls on the object will do. So your
example is safe.
I know, what you're saying is that one can't give `@safe` access
to a field that is deallocated when the struct is destroyed even
with a scoped reference, because the struct can be destroyed
before the reference expires.
We've probably been through this before: one can, but only inside
a callback such as `borrow` for `SafeRefCounted`, that locks the
data structure preventing destruction while the callback is
executed.
More information about the dip.ideas
mailing list