nogc v0.5.0 - DIP1008 works!
Atila Neves
atila.neves at gmail.com
Fri May 24 13:13:12 UTC 2019
On Friday, 24 May 2019 at 12:32:45 UTC, ag0aep6g wrote:
> On 24.05.19 13:41, Atila Neves wrote:
>> [...]
>
> You've got safety violations:
>
> ----
> /+ dub.sdl:
> name "test"
> dependency "nogc" version="~>0.5.0"
> +/
>
> import core.stdc.stdio: puts;
>
> struct S1
> {
> S2 s2;
> this(ref const S1 src) const @nogc @system { this.s2 =
> src.s2; }
> }
>
> struct S2
> {
> this(ref const S2 src) const @nogc @system { puts("@system
> 1"); }
> }
>
> struct Z
> {
> char* stringz() const @nogc @system
> {
> puts("@system 2");
> return null;
> }
> }
>
> struct UnsafeAllocator
> {
> import std.experimental.allocator.mallocator: Mallocator;
> enum instance = UnsafeAllocator.init;
> void deallocate(void[] bytes) @nogc @system
> {
> puts("@system 3");
> Mallocator.instance.deallocate(bytes);
> }
> void[] allocate(size_t sz) @nogc @system
> {
> puts("@system 4");
> return Mallocator.instance.allocate(sz);
> }
> }
>
> void main() @safe @nogc
> {
> import nogc: BUFFER_SIZE, text;
> S1 a;
> Z* z;
> auto t = text!(BUFFER_SIZE, UnsafeAllocator)(a, z);
> }
> ----
>
> All of the `puts` lines are executed. That should not be
> possible in @safe code. You're applying @trusted too liberally.
Thanks for this. I think the only violation is calling `stringz`
on `Z`, and that was due to a poorly designed DbI check on being
able to call `stringz`. Allocating generally isn't @system, and
freeing is ok to trust since vector is taking care of it for us.
I've pushed a fix.
More information about the Digitalmars-d-announce
mailing list