22507 – Struct destructors must enjoy special status with regard to @safe/@trusted/@system

Issue 22507 - Struct destructors must enjoy special status with regard to @safe/@trusted/@system

Summary: Struct destructors must enjoy special status with regard to @safe/@trusted/@s...

Status:	RESOLVED DUPLICATE of issue 21981

Alias:	None

Product:	D
Classification:	Unclassified
Component:	dmd (show other issues)
Version:	D2
Hardware:	All All

Importance:	P1 enhancement
Assignee:	No Owner

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-11-12 16:43 UTC by Andrei Alexandrescu
Modified:	2021-11-12 16:51 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description Andrei Alexandrescu 2021-11-12 16:43:32 UTC

From https://forum.dlang.org/post/vjptvzqpaobvadnofzht@forum.dlang.org:

In order to create an automatic object of type T in a safe function, T's destructor must be safe or trusted.

Currently the destructor is embodied by the __dtor member function, i.e. the attributes on the destructor's declaration are identical to those on the generated __dtor member function.

Some types need to define a destructor that does unsafe things, mainly deallocating memory that is carefully confined within the object. 

This creates the following conundrum:

1. If such types make the destructor @trusted, it means safe code is also free to call __dtor() manually. Subsequent use of such objects is liable to break safetu.

2. If such types choose to make the destructor @system, it means safe code cannot create objects of those types at all.

At first blush, there needs to be a way to tell the compiler "destructor is to be trusted but only when called implicitly".

Comment 1 Dennis 2021-11-12 16:51:21 UTC


*** This issue has been marked as a duplicate of issue 21981 ***