Possible change to array runtime?

Jonathan M Davis jmdavisProg at gmx.com
Wed Mar 19 21:00:03 PDT 2014


On Sunday, March 16, 2014 13:14:15 Joseph Rushton Wakeling wrote:
> Problem is, this still seems like safety-by-programmer-virtue. It's far too
> easy to write ".length = 0" casually and without any attention to
> consequences one way or the other.
> 
> Isn't the whole point of the requirement to use assumeSafeAppend that it
> really forces the user to say, "Yes, I want to do away with the contents of
> the array and I take full responsibility for ensuring there's nothing else
> pointing to it that will break" ... ?
> 
> I must say that personally I'd rather have the safety-by-default and the
> obligation to write assumeSafeAppend (or use Appender!T) where performance
> needs it, than risk code breaking because someone's function accidentally
> throws away stuff that I still had a slice of.

I tend to agree with this. Setting an array's length to 0 with the expectation 
that you will then reuse that memory is inherently unsafe. What if there are 
other arrays still referring to the same data? They'll be stomped, which could 
do some very nasty things - especially if we're talking about structs rather 
than strings.

assumeSafeAppend is explicitly unsafe and makes it clear what you're doing, 
whereas while setting an array's length to 0 may be generally nonsensical if 
you're not intending to reuse the memory again, having that essentially call 
assumeSafeAppend for you could result in very pernicious bugs when someone is 
foolish enough to set an array's length to 0 when they still have other slices 
to some or all of that array. I really think that the assumeSafeAppend needs 
to be explicit.

- Jonathan M Davis
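
The behaviour discussed in this message, as an added D example that is not part of the original post: a bare `.length = 0` followed by an append leaves other slices intact, while adding `assumeSafeAppend` lets the append stomp them. The `Record` struct, `makeRecords` helper and sample values are constructed for illustration.

```d
import std.stdio : writeln;

// Hypothetical struct; the thread notes stomping is worse for structs than strings.
struct Record
{
    string user;
    bool privileged;
}

// Builds a GC-allocated, appendable array from constructed sample data.
Record[] makeRecords()
{
    Record[] r;
    r ~= Record("alice", true);
    r ~= Record("bob", false);
    return r;
}

void main()
{
    // Case 1: ".length = 0" alone. The block still records two used
    // elements, so the append cannot grow in place and reallocates.
    {
        auto records = makeRecords();
        auto held = records[0 .. 1];          // another slice of the same block
        records.length = 0;
        records ~= Record("carol", false);
        assert(held.ptr !is records.ptr);     // append went to a new block
        assert(held[0] == Record("alice", true));
    }

    // Case 2: the explicit opt-in. assumeSafeAppend tells the runtime that
    // nothing else refers to the data past the slice, so the append
    // overwrites element 0 in place.
    {
        auto records = makeRecords();
        auto held = records[0 .. 1];
        records.length = 0;
        records.assumeSafeAppend();
        records ~= Record("carol", false);
        assert(held.ptr is records.ptr);      // same memory reused
        assert(held[0] == Record("carol", false)); // held's data was stomped
    }

    writeln("both cases behaved as described");
}
```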

