ref is unsafe
Nick Treleaven
ntrel-public at yahoo.co.uk
Sun Dec 30 09:32:40 PST 2012
On 30/12/2012 09:17, Jonathan M Davis wrote:
> The problem is the wrapper function.
> You'd also have to disallow functions from returning ref parameters by ref.
> Otherwise,
>
> ref int foo(ref int i)
> {
> return i;
> }
>
> ref int baz(int i)
> {
> return foo(i);
> }
>
> continues to cause problems. And making it illegal to return ref parameters by
> ref would be a serious problem for wrapper ranges, because they do that sort
> of thing all the time with front. So, that's not really going to work.
I think the compiler needs to be able to mark foo as a function that
returns its input reference. Then, any arguments to foo that are locals
should cause an error at the call site (e.g. in baz). So legal calls to
foo can always be @safe.
To extend the above code:
ref int quux(ref int i)
{
return foo(i);
}
Here the compiler already knows that foo returns its input reference. So
it checks whether foo is being passed a local - no; but it also has to
check if foo is passed any ref parameters of quux, which it is. The
compiler now has to mark quux as a function that returns its input
reference.
Works?
More information about the Digitalmars-d
mailing list