Why is rehash not @safe?
via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Sat Aug 30 11:16:36 PDT 2014
On Saturday, 30 August 2014 at 17:31:54 UTC, monarch_dodra wrote:
> On Saturday, 30 August 2014 at 14:27:04 UTC, Nordlöw wrote:
>> I just noticed that AA rehash is @system. Is there a reason
>> for this? Is it system because bad things can happen or simply
>> because it's a low level function? Should I always tag
>> functions calling rehash as @trusted?
>
> AFAIK, the whole problem is one of attributes, and run-time
> inference.
>
> AA's are mostly run-time implemented. When you have a U[T], and
> you want to rehash, then the AA will make a run-time call to
> typeinfo(T).hash();
AFAICS, it doesn't:
https://github.com/D-Programming-Language/druntime/blob/master/src/rt/aaA.d#L355-L412
The computed hash is cached in the buckets. It doesn't even
access the typeid that it gets passed from the user-facing
rehash().
This means that _aaRehash() can probably marked as @trusted;
rehash() will then be automatically inferred as @safe, because
it's a set of templates.
>
> The issue is that here, you need to support *all* of the hash
> function for *all* of the T types.
>
> If you make rehash @trusted, then you may end up calling
> @system hash functions in a @safe context.
>
> If you make it @safe, then you either break code, or make it
> impossible for end users to provide their @system hash
> functions.
>
> Really, it's lose-lose. The only (AFAIK) solution is to migrate
> AA's to a template-library that individually infers the correct
> safety for every types.
More information about the Digitalmars-d-learn
mailing list