ref is unsafe
David Nadlinger
see at klickverbot.at
Thu Jan 3 13:56:21 PST 2013
On Sunday, 30 December 2012 at 08:38:27 UTC, Jonathan M Davis
wrote:
> After some recent discussions relating to auto ref and const
> ref, I have come
> to the conlusion that as it stands, ref is not @safe. It's
> @system. And I
> think that we need to take a serious look at it to see what we
> can do to make
> it @safe. The problem is combining code that takes ref
> parameters with code
> that returns by ref. Take this code for example:
>
> ref int foo(ref int i)
> {
> return i;
> }
>
> ref int bar()
> {
> int i = 7;
> return foo(i);
> }
>
> ref int baz(int i)
> {
> return foo(i);
> }
>
> void main()
> {
> auto a = bar();
> auto b = baz(5);
> }
I must admit that I haven't read the rest of the thread yet, but
I think the obvious and correct solution is to disallow passing
locals (including non-ref parameters, which are effectively
locals in D) as non-scope ref arguments.
The scope attribute, once properly implemented, would make sure
that the reference is not escaped. For now, we could just make it
behave overly conservative in @safe code.
David
More information about the Digitalmars-d
mailing list