DIP1000: Scoped Pointers (Discussion)
deadalnix via Digitalmars-d
digitalmars-d at puremagic.com
Thu Aug 11 07:01:10 PDT 2016
On Thursday, 11 August 2016 at 13:36:06 UTC, Marc Schütz wrote:
> 2) The lifetime algebra contains lots of rules saying "only
> applicable to pointer types". That's an indication that some of
> the definitions weren't well chosen.
Yes, the spec should limit itself to types with and without
indirections.
> 3) LHS and RHS need to be treated differently, at least for the
> ternary operator (min for RHS, max for LHS); consider
>
I proposed computing rvalue and lvalue lifetime differently.
When reading, you need to make the most conservative lifetime
computation, but when writing, you need to make the least
conservative lifetime computation, in both cases to prevent use
after free.
The DIP chooses instead to limit the number of indirections
supported, which I don't think is the right tradeoff.
> As a consequence, there must be two lifetimes associated with
> every reference.
>
Pretty much.
> 4) The DIP doesn't address mutable aliasing at all. As a
> consequence, the example `RefCountedSlice` is unsafe:
>
> auto arr = RefCountedSlice!int(10);
> auto ptr = &arr[5];
> arr = RefCountedSlice!int(42);
> *ptr = 1; // use after free
There are essentially 2 approaches I know of: creating a copy of
the owner for the lifetime of ptr, or disabling the owner (accessing
arr while ptr is alive is an error).
Both require ownership to work.
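
The first approach named in the message above (a copy of the owner kept for the lifetime of the pointer), as an added D sketch that is not part of the original post or of DIP1000. The `RefCountedSlice` here is a minimal stand-in written for this example, and `borrow`/`Borrow` are hypothetical names.

```d
import core.stdc.stdlib : calloc, free;

// Minimal stand-in for the DIP's RefCountedSlice (assumption, not the DIP's code).
struct RefCountedSlice(T)
{
    private T[] payload;
    private size_t* count;

    this(size_t n)
    {
        auto p = cast(T*) calloc(n, T.sizeof);
        count = cast(size_t*) calloc(1, size_t.sizeof);
        if (p is null || count is null) assert(0, "out of memory");
        payload = p[0 .. n];
        *count = 1;
    }

    this(this) { if (count) ++*count; }    // copying the owner adds a reference

    ~this()
    {
        if (count && --*count == 0)        // last owner releases the memory
        {
            free(payload.ptr);
            free(count);
        }
    }

    // Hypothetical helper: the borrow carries its own copy of the owner,
    // so the payload cannot be freed while the element pointer exists.
    auto borrow(size_t i)
    {
        static struct Borrow
        {
            RefCountedSlice owner;         // keeps the payload alive
            T* ptr;
            ref T get() { return *ptr; }
        }
        return Borrow(this, &payload[i]);  // bounds-checked index
    }
}

void main()
{
    auto arr = RefCountedSlice!int(10);
    auto b = arr.borrow(5);                // b.owner is a second reference
    arr = RefCountedSlice!int(42);         // old payload stays: b.owner still holds it
    b.get() = 1;                           // writes to live memory, no use after free
    assert(*b.owner.count == 1);           // b.owner is now the only owner
}
```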