My knowledge of things like move-only types aren't up to what they should be so please correct any false assumptions I have here, but for the use case I'm primarily interested in (Swift calling a C API that transfers ownership of a const char * that I want to put into a String with an owner who frees it when it goes out of scope), would it be correct to say that we need a way to express that:
- the C API returns a unique/move-only pointer to the buffer
- the
Stringinitializer takes a unique/move-only pointer to the buffer
...and that would alleviate the concerns of poking a hole in the safety model where the pointer could leak through?
In that situation the owner: AnyObject model falls apart because as currently pitched the owner is a caller-provided object that also retains a reference to the buffer so that it can free it, but since the ownership manifesto makes reference to move-only types being able to provide a deinit, then a spearate owner wouldn't be necessary in that case; we'd just need to provide a way for the unique pointer to know what it should call to deallocate the memory it points to.