Rvalue references - The resolution
Zach the Mystic
reachzach at gggggmail.com
Sun May 5 23:20:51 PDT 2013
On Saturday, 4 May 2013 at 18:33:04 UTC, Walter Bright wrote:
> Static Compiler Detection (in @safe mode):
>
> 1. Do not allow taking the address of a local variable, unless
> doing a safe type 'paint' operation.
>
> 2. In some cases, such as nested, private, and template
> functions, the source is always available so the compiler can
> error on those. Because of the .di file problem, doing this
> with auto return functions is problematic.
>
> 3. Issue error on return statements where the expression may
> contain a ref to a local that is going out of scope, taking
> into account the observations.
>
> Runtime Detection
>
> There are still a few cases that the compiler cannot statically
> detect. For these a runtime check is inserted, which compares
> the returned ref pointer to see if it lies within the stack
> frame of the exiting function, and if it does, halts the
> program. The cost will be a couple of CMP instructions and an
> LEA. These checks would be omitted if the -noboundscheck
> compiler switch was provided.
This is a brilliant solution. I'm glad my DIP seems to have
helped pivot the design process into this superior conclusion,
which uses something, i.e. runtime checking, I simply didn't
think of. I guess I didn't realize that the stack has "bounds",
so to say.
I suppose that underneath the hood the compiler will still track
the state of the return value using something like a 'scope' bit.
It's just that the user code doesn't need to see this bit, which
is probably how it should be. And it's great to realize that a
suitable safety framework - -noboundscheck - has been found which
already exists to encompass the checking.
I think the main data still to be researched is the slowdown with
both compile and run times with this checking implemented - not
that I see how to avoid it, but it's better to know than not to
know, right?
More information about the Digitalmars-d
mailing list