ref is unsafe
deadalnix
deadalnix at gmail.com
Thu Jan 3 15:14:07 PST 2013
On Thursday, 3 January 2013 at 22:50:38 UTC, Rob T wrote:
> The problem with that idea, is that a ref return with no
> arguments may call another ref return that returns something
> that escapes the scope it was created in. If the source code is
> not available, then there's no way for the compiler to
> determine that this is going on.
>
You can't return a scope ref in @safe code, so that is not an
issue.
> I would suggest to disallow all ref returns that make use of a
> ref return function call *unless* the code portion is marked as
> @trusted, and to to that requires following the ideas presented
> for changing how @trusted should be implemented, ie allowing
> selected portions of otherwise unsafe code to be marked as
> trusted by a programmer who has verified the use of the code to
> be safe given the context.
>
>> The scope attribute, once properly implemented, would make
>> sure that the reference is not escaped. For now, we could just
>> make it behave overly conservative in @safe code.
>>
>> David
>
> My understanding was that in some cases that source code is not
> available to the compiler, which I would think means that
> preventing scope escaping cannot be 100% guaranteed, correct?
>
This is why the scope qualifier exists.
More information about the Digitalmars-d
mailing list