Make the allocators' unittests and allocate, owns and resolveInternal…#5330
Make the allocators' unittests and allocate, owns and resolveInternal…#5330edi33416 wants to merge 3 commits intodlang:masterfrom
Conversation
| { | ||
|
|
||
| size_t goodAllocSize(size_t s) | ||
| @safe size_t goodAllocSize(size_t s) |
There was a problem hiding this comment.
There's no guarantee that parent.goodAllocSize is @safe. Best leave this to be inferred.
There was a problem hiding this comment.
Imho I think that this function should be safe and thus I thought we should enforce it upon the parent.
|
|
||
| static if (hasMember!(Allocator, "owns")) | ||
| Ternary owns(void[] b) | ||
| @safe Ternary owns(void[] b) |
|
Under no circumstances should |
|
I've protested the change to import core.memory: GC;
import std.stdio: writeln;
import std.experimental.allocator: make;
import std.experimental.allocator.building_blocks: NullAllocator, Region;
struct S { int* p; }
void main() @safe /* !! */
{
auto buf = new ubyte[](S.sizeof);
auto r = Region!(NullAllocator, 1)(buf);
S* s = r.make!S(new int);
*(*s).p = 42;
writeln(*(*s).p); /* prints "42" as expected */
version (none) GC.collect(); /* not @safe */
else new int[](1_000); /* trigger a GC collection in an @safe manner */
*(new int) = 13;
writeln(*(*s).p); /* prints "13" - whoopsie */
}This is exactly what must not happen in |
|
OK @edi33416 and I just talked about this and we'll go with the following idea - define this struct: struct OpaquePointer
{
private void* pointer;
@disable this(void*);
}Now, Allocators that manage a raw buffer of memory will accept @edi33416 you may want to shorten this PR to only include the other, simpler primitives. |
edi33416
force-pushed
the
allocators_safe_allocation
branch
from
8493c56 to
09145d5
Compare
|
this is being sold as parts :) |
5 participants
…Pointer methods safe
Allocating memory should be a safe operation and so should functions like owns and resolveInternalPointer.