Allocator-aware @safe reference counting is still not possible
Paul Backus
snarwin at gmail.com
Fri Apr 14 15:23:58 UTC 2023
On Friday, 14 April 2023 at 13:42:15 UTC, Atila Neves wrote:
> On Sunday, 25 September 2022 at 12:03:08 UTC, Paul Backus wrote:
>> D has made a lot of progress recently on memory safety with
>> `-preview=dip1000`, thanks in no small part to [the work of
>> Dennis Korpel][1]. This progress has in turn enabled the
>> creation of [`SafeRefCounted`][2] by Ate Eskola, which will
>> hopefully be available in the next release of Phobos.
>>
>> [...]
>
> Couldn't it be `@safe` iff the particular allocator's
> deallocate is `@safe` (or missing)?

Yes. The obvious follow-up question is, "what does it take to
make a `deallocate` method `@safe`?" And the answer is: it takes
`isolated`, or some other way to restrict aliasing in `@safe`
code.

As Timon [1] and others [2][3] have helpfully explained, now that
we have `@system` variables from DIP 1035, it is possible to do
this without adding new language features, although the UX is not
ideal.

So, the current next step on the TODO list is to design a new
allocator API that takes advantage of these techniques to make
`deallocate` `@safe`.

[1] https://forum.dlang.org/post/tr9j1h$1fvd$1@digitalmars.com
[2] https://forum.dlang.org/post/xggosoodlcegitocruwf@forum.dlang.org
[3] https://forum.dlang.org/post/gdkikaklqyvxdyklvmug@forum.dlang.org