On Thursday, 11 August 2016 at 21:57:06 UTC, Walter Bright wrote:
On 8/11/2016 6:36 AM, Marc Schütz wrote:
4) The DIP doesn't address mutable aliasing at all. As a
consequence, the
example `RefCountedSlice` is unsafe:
auto arr = RefCountedSlice!int(10);
auto ptr = &arr[5];
arr = RefCountedSlice!int(42);
*ptr = 1; // use after free
The idea is to have containers return references by 'return
ref' or 'return scope' so the internal references can't escape
the expression they're used in.
So &arr[5] would be an error. The bug can still occur when
passing arr and arr[5] both by reference to a function, but that
case can (in future) be solved by making RefCountedSlice an @rc
object*.
* https://wiki.dlang.org/DIP77
