My Reference Safety System (DIP???)
Zach the Mystic via Digitalmars-d
digitalmars-d at puremagic.com
Thu Feb 26 14:45:18 PST 2015
On Thursday, 26 February 2015 at 20:46:07 UTC, deadalnix wrote:
> Consider:
>
> void foo(T** a) {
>     T** b = a; // OK
>     T* = ...;
>     *b = c; // Legal because of your transitive clause,
>             // but not safe as a can have an
>             // arbitrarily large lifetime.
> }
This example's incomplete, but I can guess you meant something
like this:
void foo(T** a) {
    T** b = a; // OK
    T d;
    T* c = &d;
    *b = c; // Legal because of your transitive clause,
            // but not safe as a can have an
            // arbitrarily large lifetime.
}
> This shows that anything you reach through an indirection can
> have anywhere from the same lifetime as the indirection up to an
> infinite lifetime (and anything in between). When using it as
> an lvalue, you should consider the largest possible lifetime,
> when using it as an rvalue, you should consider the smallest
> (this is the only way to be safe).
I'm starting to see what you mean. I guess it's only applicable
to variables with double (or more) indirections (e.g. T**, T***,
etc.), since only they can lose information with transitive
scopes. Looks like we need a new rule: variables assigning to one
of their double indirections cannot acquire a scope-depth greater
than (or lifetime less than) their current one. Does that fix the
problem?
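An added example, not part of the original thread and not D compiler code: a toy Python model of the rule quoted above (what is reached through an indirection is assumed to live forever when stored to, and no longer than the indirection when read), run on the completed `foo`. The depth numbering (0 for static data, 1 for the function frame) and the statement encoding are assumptions made for this sketch.

```python
# Toy model (added example, not D compiler code). Scope depth 0 means
# "lives forever"; a greater depth means a shorter lifetime.
GLOBAL, FRAME = 0, 1

def check(stmts):
    """Return a list of lifetime errors for a straight-line function body."""
    env, errors = {}, []        # name -> (own depth, worst-case pointee depth)
    for i, (op, dst, src) in enumerate(stmts, 1):
        if op == "global":      # static variable: infinite lifetime
            env[dst] = (GLOBAL, None)
        elif op == "local":     # plain local such as `T d;`
            env[dst] = (FRAME, None)
        elif op == "param":     # pointer parameter such as `T** a`
            env[dst] = (FRAME, FRAME)   # read side: assume shortest lifetime
        elif op == "addr":      # dst = &src
            env[dst] = (FRAME, env[src][0])
        elif op == "copy":      # dst = src
            env[dst] = (FRAME, env[src][1])
        elif op == "load":      # dst = *src  (rvalue use)
            # Smallest possible lifetime: that of the indirection itself.
            env[dst] = (FRAME, env[src][0])
        elif op == "store":     # *dst = src  (lvalue use)
            # Largest possible lifetime: the slot may live forever, so the
            # stored pointer must point at something that also lives forever.
            pointee = env[src][1]
            if pointee is not None and pointee > GLOBAL:
                errors.append(f"stmt {i}: *{dst} = {src} stores a pointer to "
                              f"a depth-{pointee} object in a slot that may "
                              f"live forever")
    return errors

# The completed foo() from the post, one tuple per statement.
FOO = [("param", "a", None), ("copy", "b", "a"), ("local", "d", None),
       ("addr", "c", "d"), ("store", "b", "c")]
# Constructed contrast case: the stored pointer targets a static variable.
FOO_OK = [("param", "a", None), ("copy", "b", "a"), ("global", "g", None),
          ("addr", "c", "g"), ("store", "b", "c")]

if __name__ == "__main__":
    print(check(FOO))     # one error, on the store
    print(check(FOO_OK))  # no errors
```

The model is deliberately conservative: a pointer loaded through `a` and stored straight back through `a` is also rejected, because the read side assumes the shortest lifetime and the write side the longest.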