Why can't I give a function's return type the scope storage class?
ag0aep6g
anonymous at example.com
Tue Mar 19 14:28:00 UTC 2019
On 19.03.19 11:19, Atila Neves wrote:
> On Tuesday, 19 March 2019 at 03:16:04 UTC, Walter Bright wrote:
>> On 3/18/2019 7:28 PM, jmh530 wrote:
>>> BTW, did you see this:
>>> https://atilaoncode.blog/2019/03/13/issues-dip1000-cant-yet-catch/
[...]
> The fact is that DIP1000 didn't prevent me from writing @safe code where
> a pointer dangled.
I don't think that's what happens. As far as I see, you get a dangling
pointer, because you've got bad `@trusted` code in automem [1]:
() @trusted { _allocator.expandArray(mutableElements,
delta.toSizeT); }();
By default, `_allocator` is `GCAllocator` (via some obfuscations).
`expandArray` calls the allocator's `reallocate` method.
`GCAllocator.reallocate` is not memory safe. The documentation says [2]:
"The deallocate and reallocate methods are @system because they
may move memory around, leaving dangling pointers in user code"
[1]
https://github.com/atilaneves/automem/blob/4d8e8800b27ac7e92ed066237fd1359f59116fc5/source/automem/vector.d#L441
[2]
https://dlang.org/phobos/std_experimental_allocator_gc_allocator.html#.GCAllocator.reallocate
More information about the Digitalmars-d
mailing list