[Issue 4995] New: invariant() can violate a function's nothrow

d-bugmail at puremagic.com d-bugmail at puremagic.com
Mon Oct 4 22:49:29 PDT 2010 

http://d.puremagic.com/issues/show_bug.cgi?id=4995

           Summary: invariant() can violate a function's nothrow
           Product: D
           Version: unspecified
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: DMD
        AssignedTo: nobody at puremagic.com
        ReportedBy: jmdavisProg at gmx.com


--- Comment #0 from Jonathan M Davis <jmdavisProg at gmx.com> 2010-10-04 22:49:07 PDT ---
Take this program:

import std.stdio;

struct S
{
    int val() nothrow
    {
        return 7;
    }

    invariant()
    {
        throw new Exception("Hello from your friendly, neighborhood
invariant!");
    }
}

void main()
{
    auto s = S();
    writeln(s.val);
}


It results in this output:

object.Exception: Hello from invariant
----------------
./d(nothrow int d.S.val()) [0x807ece2]
./d(_Dmain+0x12) [0x807ed3a]
./d(extern (C) int rt.dmain2.main(int, char**)) [0x8084cd6]
./d(extern (C) int rt.dmain2.main(int, char**)) [0x8084c30]
./d(extern (C) int rt.dmain2.main(int, char**)) [0x8084d1a]
./d(extern (C) int rt.dmain2.main(int, char**)) [0x8084c30]
./d(main+0x96) [0x8084bd6]
/usr/lib32/libc.so.6(__libc_start_main+0xe6) [0xf7595c76]
./d() [0x807ec21]


This, in spite of the fact that val() is specifically marked as nothrow. This
is particularly interesting since the compiler does complain about impure
invariants (bug # 4974). Now, I hate to make invariants even pickier about
whether they'll compile or let your struct/class compile, but this clearly
violates the fact that val() is marked as nothrow. This program should not
compile (or at least not with these semantics). I see two options:

1. The compiler should refuse to compile an invariant which throws if any
function on the type is nothrow (very annoying, but possible necessary).

2. Merely change the generated code to consider any exception escaping the
invariant to result in the invariant failing, as if you had

scope(FAILURE) assert(0, "Exception thrown in invariant.");

at the top of the invariant. This seems like a much nicer solution to me.


Regardless, the code which is currently generated is obviously wrong.

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------

More information about the Digitalmars-d-bugs mailing list