DIP25
DIP25: Sealed references
Title: | Sealed references |
---|---|
DIP: | 25 |
Version: | 1 |
Status: | Draft |
Created: | 2013-02-05 |
Last Modified: | 2013-02-05 |
Author: | Andrei Alexandrescu and Walter Bright |
Links: |
Abstract
D offers a number of features aimed at systems-level coding, such as unrestricted pointers, casting between integers and pointers, and the @system
attribute. These means, combined with the other features of D, make it a complete and expressive language for systems-level tasks. On the other hand, economy of means should be exercised in defining such powerful but dangerous features. Most other features should offer good safety guarantees with little or no loss in efficiency or expressiveness. This proposal makes ref
provide such a guarantee: with the proposed rules, it is impossible in safe code to have ref
refer to a destroyed object. The restrictions introduced are not backward compatible, but disallow code that is stylistically questionable and that can be easily replaced either with equivalent and clearer code.
In a nutshell
Description
Currently, D has some provisions for avoiding dangling references:
ref int fun(int x) {
return x; // Error: escaping reference to local variable x
}
ref int gun() {
int x;
return x; // Error: escaping reference to local variable x
}
However, this enforcement is shallow. The following code compiles and allows reads and writes through defunct stack locations, bypassing scoping and lifetime rules:
ref int id(ref int x) {
return x;
}
ref int fun(int x) {
return id(x);
}
ref int gun() {
int x;
return x;
}
Copyright
This document has been placed in the Public Domain.