DIP 1021--Argument Ownership and Function Calls--Final Review
Olivier FAURE
couteaubleu at gmail.com
Wed Sep 18 12:15:11 UTC 2019
On Wednesday, 18 September 2019 at 11:18:30 UTC, Walter Bright
wrote:
> The smaller picture is that one cannot create a ref counted
> object that can safely expose a ref to its payload without
> this proposal.
One cannot create a ref-counted object that can safely expose its
payload *with* this proposal either.
e.g.:
@safe:
void foo(ref RefCounted rc, ref RefCounted rc2) {
    rc.reset();
    rc2.get() = 42; // Whoops, memory corruption
}
void test() {
    RefCounted rc = someData();
    RefCounted* rc2 = &rc;
    foo( rc, *rc2 );
}
Any proposal which doesn't have data flow analysis won't provide
actual memory safety.