On Thursday, 3 January 2013 at 22:50:38 UTC, Rob T wrote:
The problem with that idea, is that a ref return with no
arguments may call another ref return that returns something
that escapes the scope it was created in. If the source code is
not available, then there's no way for the compiler to
determine that this is going on.
You can't return a scope ref in @safe code, so that is not an
issue.
I would suggest to disallow all ref returns that make use of a
ref return function call *unless* the code portion is marked as
@trusted, and to to that requires following the ideas presented
for changing how @trusted should be implemented, ie allowing
selected portions of otherwise unsafe code to be marked as
trusted by a programmer who has verified the use of the code to
be safe given the context.
The scope attribute, once properly implemented, would make
sure that the reference is not escaped. For now, we could just
make it behave overly conservative in @safe code.
David
My understanding was that in some cases that source code is not
available to the compiler, which I would think means that
preventing scope escaping cannot be 100% guaranteed, correct?
This is why the scope qualifier exists.
