> This is an idea to patch that hole a little, doing this inside pure functions:
> 1) Keep disallowing alloca()/malloc()/etc calls;
> 2) Disallow struct allocations;
> 3) Keep allowing object and dynamic array allocations;
> 4) Disallow read and write of the "ptr" fields of dynamic arrays;
> 5) Disallow casts of object references to something else.

Note this is about _inside pure functions_.

A safer idea comes from using the type system, but it's hard. The idea is introducing "pure memory references". Any memory allocation inside a pure function returns a pointer/reference that can't be _read_ (as value) inside the pure function itself, or even outside it, if it is among the function results. I think it's possible to design a type system able to enforce this safely, but I don't think this will happen for D.

Bye,
bearophile
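
An added illustration of what rules 4 and 5 in the quoted list are aimed at; it is not code from the thread. It assumes a D compiler that accepts pointer reads and reference casts inside `pure` functions, and all function names are hypothetical.

```d
import std.stdio;

// Allowed by rule 3: a pure function may allocate a dynamic array.
// Forbidden by rule 4: it reads the array's "ptr" field as a value,
// so the result depends on allocator state, not on the argument n.
size_t addressOfFreshArray(size_t n) pure nothrow
{
    int[] a = new int[n];
    return cast(size_t) a.ptr;
}

// Allowed by rule 3: a pure function may allocate an object.
// Forbidden by rule 5: it casts the object reference to something
// else, again exposing the heap address as an ordinary number.
size_t addressOfFreshObject() pure nothrow
{
    auto o = new Object;
    return cast(size_t) cast(void*) o;
}

// Allocates too, but only the *contents* of the memory reach the
// result, so equal arguments always give equal results.
int sumOfSquares(int n) pure nothrow
{
    int[] a = new int[n];
    foreach (i, ref x; a)
        x = cast(int)(i * i);
    int total = 0;
    foreach (x; a)
        total += x;
    return total;
}

void main()
{
    // The values printed for the first two functions come from the
    // allocator and can change between calls and between runs.
    immutable first = addressOfFreshArray(4);
    immutable second = addressOfFreshArray(4);
    writefln("array addresses:  %#x  %#x", first, second);
    writefln("object address:   %#x", addressOfFreshObject());

    // This one is a function of its argument only.
    writefln("sumOfSquares(5):  %s  %s", sumOfSquares(5), sumOfSquares(5));
}
```

Under the "pure memory references" idea from the reply, the first two functions would be rejected by the type system rather than by a per-operation rule, because the allocated reference could not be read as a value at all.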