www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.bugs - [Issue 22569] New: emplace silently escapes safe


          Issue ID: 22569
           Summary: emplace silently escapes  safe
           Product: D
           Version: D2
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P1
         Component: druntime
          Assignee: nobody puremagic.com
          Reporter: stanislav.blinov gmail.com

void* global;

 safe void main()
    import core.lifetime : emplace;
    int local;
    emplace(&global, &local); // this compiles, even with dip1000
    global = &local; // this does not, as well it shouldn't


A more generic example:

struct Escapist
    void* p;
    this()(return scope void* p) { this.p = p; }

Escapist escape;

 safe void main()
    int value;
    import core.lifetime : emplace;
    emplace(&escape, &value); // compiles
    escape.__ctor(&value); // does not compile


Problem is, `emplace` is supposed to initialize the uninitialized, and with
current rules there doesn't seem to be a way to make it infer correctly when
pointers are involved. You can make a version that takes a generator (i.e. a
lazy or a scope delegate), but you do need a cast to call the target ctor, and
that cast, having to be lowered from  safe to  trusted, loses lifetime

Dec 04 2021