Destructor attribute inheritance, yea or nay?
Stanislav Blinov via Digitalmars-d
digitalmars-d at puremagic.com
Fri May 26 05:32:46 PDT 2017
On Monday, 22 May 2017 at 17:05:06 UTC, Stanislav Blinov wrote:
> Considering that the core runtime component - the GC - is the
> one that usually handles finalization, it follows that *GC
> collection can never be @safe*. And since collection only
> happens during allocation, it follows that allocation cannot be
> @safe either. Nor can they be @trusted, because destructors are
> effectively not restricted in any way.
This program, executed on my machine:
>import std.stdio;
>
>class Innocious
>{
> ~this() @safe {}
>}
>
>class Malicious : Innocious
>{
> int[] data;
>
> this() @safe
> {
> data = new int[1000000];
> }
>
> ~this()
> {
> writeln(" Sure, here you go:");
> writeln(" import std.random;");
> writeln(" auto n = uniform(1, uint.max);");
> writeln(" *(cast(int*)n) = 0xbadf00d;");
> }
>}
>
>void important() @safe
>{
> writeln("I am working here, i'm not doing anything
> dangerous...");
> scope(exit) writeln("I'm good, no, I'm awesome. You can
> trust me!");
> writeln(" Good GC, would you kindly give me some room to
> maneuver?");
> int[] storage = new int[1000000];
> /* do some calculations... */
>}
>
>void oblivious() @safe
>{
> Innocious i = new Malicious();
> /* do something with i and then leave it for GC. */
>}
>
>void main()
>{
> oblivious();
> important();
>}
prints this:
> I am working here, i'm not doing anything dangerous...
> Good GC, would you kindly give me some room to maneuver?
> Sure, here you go:
> import std.random;
> auto n = uniform(1, uint.max);
> *(cast(int*)n) = 0xbadf00d;
> I'm good, no, I'm awesome. You can trust me!
More information about the Digitalmars-d
mailing list