fix Issue 15862 - allocating storage in pure functions should not res…

[WalterBright]

…ult in caching return values of them

[dlang-bot]

Fix	Bugzilla	Description
✓	15862	Functions that return types with mutable indirections should be weakly pure, not strongly pure

[MetaLang]

Why the weird style of assert?

[MetaLang]

assert(p1 is p2)?

[Geod24]

To get those asserts to be ran in release.
It's trying to solve a common problem with assert: https://forum.dlang.org/thread/ed318016-16e9-965f-4d66-c0c94dd2564c@sociomantic.com
I'd say lets revisit when we fix said issue.

[MetaLang]

Ah, I see. Thanks.

[PetarKirov]

@MetaLang I think you meant assert(p1 !is p2).
I would use p1 !is p2 || assert(0) (and IIRC @andralex too according to TDPL).

[PetarKirov]

The implementation looks ok (minus one small typo), and it's a step in the right direction (fixes a bug), but I'm worried that this change implies that non-@nogc memory management schemes cannot be pure (because the result of @nogc void* allocate(size_t size) could be cached/reused) which seriously limits the usability of std.experimental.allocators in pure code.

Instead of using @nogc as a proxy for determining if the result can be cached, I thought we mostly agreed to use the mutability of the return type - immutable return type -> can cache, non-immutable -> caching is not safe (e.g. caller of an() could modify the returned array, in which case using a cached result would simply yield wrong results; N.B. it doesn't matter, that an() returns null, in general the body may not be available to the compiler, and only the function signature should be relied upon).

Pinging @klickverbot as our safe-ty and purity guru :P

[PetarKirov]

many -> may

[dnadlinger]

@ZombineDev: See the discussion on Bugzilla. It seems like the right choice is not to trigger referential transparency-based optimisations for return types with mutable indirections in general, rather than basing this on @nogc. I don't think this is something our current, imprecise laguage definition unambiguously states, though.

[WalterBright]

This is reimplemented to be based on the mutability of the return type. The same logic is used as for the mutability of the function parameters, so I factored that out into a nested function they both call.

[codecov-io]

Current coverage is 87.35% (diff: 94.59%)

Merging #6197 into master will decrease coverage by <.01%

@@             master      #6197   diff @@
==========================================
  Files           104        104          
  Lines         57465      57474     +9   
  Methods           0          0          
  Messages          0          0          
  Branches          0          0          
==========================================
+ Hits          50202      50209     +7   
- Misses         7263       7265     +2   
  Partials          0          0          

Powered by Codecov. Last update 3ddd65b...5e66e36

[andralex]

LGTM, @MartinNowak wanna take a look?

[MartinNowak]

This could increase purity again, couldn't it? How about replacing the switch with purity = min(purity, purityOfType(isref, t))?

[WalterBright]

This could increase purity again, couldn't it?

No, because any setting of PUREweak exits the loop.

How about replacing the switch with purity = min(purity, purityOfType(isref, t))?

Because there is no reason to continue with the loop once purity is set to PUREweak.

[MartinNowak]

Too clever usage of break/continue in switch nested in a loop IMO.
Hope you agree that break Lloop is better here :).

[MartinNowak]

Auto-merge toggled on

[nordlow]

Does this mean that we can now qualify druntime defs of C alloc functions such as

https://dlang.org/library/core/stdc/stdlib/malloc.html

and alikes as pure?

If so, I can do it!

[andralex]

affirmative

[nordlow]

And Mallocator?

[andralex]

affirmative

[nordlow]

@andralex: see https://github.com/dlang/druntime/pull/1683/files