ref is unsafe
Jonathan M Davis
jmdavisProg at gmx.com
Wed Jan 2 11:37:37 PST 2013
On Wednesday, January 02, 2013 13:45:32 Maxim Fomin wrote:
> I think it should not be fixed, but probably compiler may issue
> warning at some circumstances when it can realize this situation.

It's a hole in @safe. It must be fixed. That's not even vaguely up for
discussion. The question is _how_ to fix it. Ideally, it would be fixed in a way
that limits how much more code has to become @system.

> By the way, there is another issue with ref -
> http://dpaste.dzfl.pl/928767a9 which was discussed several months
> ago minimum. Do you think this should be also fixed?

It's not a bug. You're dereferencing a null pointer, so you get a segfault.
There's nothing surprising there.

> I don't take into D's @safity seriously because it can be easily
> hacked.

It's fine if you don't care about it, but as the maintainers of the language
and standard library, we have to take it seriously. Regardless of the
likelihood of there being a bug caused by this, it breaks @safe, so it must be
fixed, even if that means simply making all functions which both accept by ref
and return by ref @system. But that's very undesirable, because it will lead
to too much code being considered @system even when it's perfectly safe. Hence
why this is being discussed.

- Jonathan M Davis