[Dlang-internal] -dip1000 discussion
Olivier FAURE via Dlang-internal
dlang-internal at puremagic.com
Sun Jan 29 04:10:42 PST 2017
On Sunday, 29 January 2017 at 11:45:30 UTC, Walter Bright wrote:
> On 1/29/2017 3:24 AM, Olivier FAURE wrote:
> It's best to post compilable code fragments. This code compiles
> with -dip1000:
It shouldn't. This is one of the 'gotcha's that I mentioned
earlier.
struct Container
{
int* ptr;
}
ref Container store(ref return scope Container c, return
scope int* ptr) @safe
{
c.ptr = ptr;
return c;
}
Container* foobar() @safe
{
Container* c = new Container;
int x = 42;
scope int* ptr = &x;
scope Container c2 = store(*c, ptr);
return c;
}
void main() @safe
{
import std.stdio;
import std.conv;
int x = *foobar().ptr; // invalid write
}
This code should not compile, and having a @safe opaque 'store'
function is not possible with 'return scope' alone unless you use
the functional programming idiom of returning a new object
instead of mutating objects passed by reference.
More information about the Dlang-internal
mailing list