[Issue 11240] assumeSafeAppend could implicitly break immutablity

d-bugmail at puremagic.com d-bugmail at puremagic.com
Sun Oct 13 01:18:09 PDT 2013


http://d.puremagic.com/issues/show_bug.cgi?id=11240



--- Comment #2 from Kenji Hara <k.hara.pg at gmail.com> 2013-10-13 01:18:08 PDT ---
(In reply to comment #1)
> Is this valid though?
> 
> assumeSafeAppend is an unsafe function that *requires* no one else have a view
> on the items after the end of the array.
> 
> Just the same, you will overwrite the old items, without destroying them, nor
> assigning over them.
> 
> I think this is just an unsafe function that was used wrong. The result is
> simply undefined behavior.
> 
> I think it would be a needless restriction to not allow assumeSafeAppend on
> immutable (and const).
> 
> This seems invalid to me.

Because the unsafe-ness is hidden in assumeSafeAppend function template. If you
pass immubtale(int)[] array reference to it in generic code, it could easily
break type-system silently (And yes, I didn't noticed the risk until now). As
the API design, it would be better to reject such a misuse.

In other words, if you really wants to charge the capacity of immutable(int)[],
enforcing explicit cast on caller side would be better.

    immutable(int)[] a = ...;
    //a = assubeSafeAppend(a);    // compile error
    a = cast(typeof(a))aassubeSafeAppend(cast(int[])a);  // ugly, but explicit

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------


More information about the Digitalmars-d-bugs mailing list