Re: RC buffer
On 11/02/2016 01:00 AM, Andrei Alexandrescu wrote: In order to make opAssign safe, a language change will be necessary. Take that back, no need for a language change as long as nobody returns references to refcounted memory. Just pushed a commit to add @safe-ty annotations everywhere. Works as advertised! So now we have a buffer of ubyte that is reference counted, safe, and supports qualifiers properly (no shared yet). https://github.com/dlang/phobos/pull/4878 Andrei
Re: RC buffer
On 11/02/2016 11:32 AM, Andrei Alexandrescu wrote:
On 11/02/2016 07:29 AM, Nick Treleaven wrote:
On Wednesday, 2 November 2016 at 05:00:23 UTC, Andrei Alexandrescu wrote:
In order to make opAssign safe, a language change will be necessary.
Technically, it should be possible with runtime checks:
https://forum.dlang.org/post/aeeffshzkfjbrejzt...@forum.dlang.org
The checking overheads disappear when -noboundschecks is passed. The
user has to manually copy the RCSlice when necessary for correct code.
It seems opAssign for RCSlice is unsafe, is that right? Consider (with
your codebase):
@safe void fun(ref RCSlice!int a, ref RCSlice!int b)
{
a = RCSlice!int();
... use b ...
}
@safe void gun(ref RCSlice!int s)
{
fun(s, s);
}
Assume the reference count of s is 1 upon entering gun. Then the first
thing opAssign does is to call the destructor of the slice, which
deallocates memory. Subsequently the other reference (b) is dangling.
Ah, never mind, the two names refer to the same object. -- Andrei
Re: RC buffer
On 11/02/2016 07:29 AM, Nick Treleaven wrote:
On Wednesday, 2 November 2016 at 05:00:23 UTC, Andrei Alexandrescu wrote:
In order to make opAssign safe, a language change will be necessary.
Technically, it should be possible with runtime checks:
https://forum.dlang.org/post/aeeffshzkfjbrejzt...@forum.dlang.org
The checking overheads disappear when -noboundschecks is passed. The
user has to manually copy the RCSlice when necessary for correct code.
It seems opAssign for RCSlice is unsafe, is that right? Consider (with
your codebase):
@safe void fun(ref RCSlice!int a, ref RCSlice!int b)
{
a = RCSlice!int();
... use b ...
}
@safe void gun(ref RCSlice!int s)
{
fun(s, s);
}
Assume the reference count of s is 1 upon entering gun. Then the first
thing opAssign does is to call the destructor of the slice, which
deallocates memory. Subsequently the other reference (b) is dangling.
Andrei
Re: RC buffer
On 11/2/16 7:42 AM, anonymous wrote: BTW about this PR: why RCString an not more generally RCArray ? RCArray comes on top of RCBuffer. That way we isolate the matter of reference counting the buffer itself from the matter of managing the objects stored in the buffer. It's a simple matter of modularity. (Matters of alignment make this a bit more involved than it might seem, but nothing crazy.) What is important (and probably unprecedented) about this PR is that it's the first reference counted artifact that works with qualifiers without resorting to undefined casts. That's the Big Thing about it. It harkens back to Dicebot idea to stash the reference counter in the allocator. Andrei
Re: RC buffer
On Wednesday, 2 November 2016 at 05:00:23 UTC, Andrei Alexandrescu wrote: I've eliminated all UTF nonsense from https://github.com/dlang/phobos/pull/4878 resulting in a bare reference counted buffer of (qualified) ubyte. Andrei BTW about this PR: why RCString an not more generally RCArray ?
Re: RC buffer
On Wednesday, 2 November 2016 at 05:00:23 UTC, Andrei Alexandrescu wrote: In order to make opAssign safe, a language change will be necessary. Technically, it should be possible with runtime checks: https://forum.dlang.org/post/aeeffshzkfjbrejzt...@forum.dlang.org The checking overheads disappear when -noboundschecks is passed. The user has to manually copy the RCSlice when necessary for correct code. The RCSlice in the link is just a basic proof of concept, using RCRef for temporary references. It doesn't handle reallocations - I think to have early diagnostics of potential errors it would need to have a separate RCRef reference count from the main count. That would be used to check there are no RCRef references alive when the main count is one and a reallocation could potentially occur - e.g. when appending. I think with this (hypothetical) RCSlice it's bug-prone to allow the user *not* to make a temporary copy of the RCSlice in this scenario because errors could depend on unknown runtime behaviour, not showing up in testing. I mention this partly because I think this scenario has an impact on the design of a DIP to address when to automatically add reference counting bumps - perhaps a @rcbump attribute is necessary. Otherwise the compiler can't know if an external function taking an RCString performs an append or not.
Re: RC buffer
On Wednesday, 2 November 2016 at 05:00:23 UTC, Andrei Alexandrescu wrote: I've eliminated all UTF nonsense from https://github.com/dlang/phobos/pull/4878 resulting in a bare reference counted buffer of (qualified) ubyte. The goal is to get the buffer @safe and be able to have a reasonable explanation for each and every cast. (There are no safety annotations currently, but the code passes unittests and supports qualifiers.) No undefined behavior casts should be used (e.g. that cast away immutability), only simple adjustments for realities that the type system is unable to cover. In order to make opAssign safe, a language change will be necessary. Andrei Great goal, I wish you to do it!
Re: RC buffer
On Wednesday, 2 November 2016 at 05:32:13 UTC, Nicholas Wilson wrote: On Wednesday, 2 November 2016 at 05:00:23 UTC, Andrei Alexandrescu wrote: I've eliminated all UTF nonsense from https://github.com/dlang/phobos/pull/4878 resulting in a bare reference counted buffer of (qualified) ubyte. The goal is to get the buffer @safe and be able to have a reasonable explanation for each and every cast. (There are no safety annotations currently, but the code passes unittests and supports qualifiers.) No undefined behavior casts should be used (e.g. that cast away immutability), only simple adjustments for realities that the type system is unable to cover. In order to make opAssign safe, a language change will be necessary. Andrei Shouldn't all those` assert(b ~ c == "bc".representation);`s be static asserts? Derp. copied wrong line. I meant all the typeof asserts.
Re: RC buffer
On Wednesday, 2 November 2016 at 05:00:23 UTC, Andrei Alexandrescu wrote: I've eliminated all UTF nonsense from https://github.com/dlang/phobos/pull/4878 resulting in a bare reference counted buffer of (qualified) ubyte. The goal is to get the buffer @safe and be able to have a reasonable explanation for each and every cast. (There are no safety annotations currently, but the code passes unittests and supports qualifiers.) No undefined behavior casts should be used (e.g. that cast away immutability), only simple adjustments for realities that the type system is unable to cover. In order to make opAssign safe, a language change will be necessary. Andrei Shouldn't all those` assert(b ~ c == "bc".representation);`s be static asserts?
RC buffer
I've eliminated all UTF nonsense from https://github.com/dlang/phobos/pull/4878 resulting in a bare reference counted buffer of (qualified) ubyte. The goal is to get the buffer @safe and be able to have a reasonable explanation for each and every cast. (There are no safety annotations currently, but the code passes unittests and supports qualifiers.) No undefined behavior casts should be used (e.g. that cast away immutability), only simple adjustments for realities that the type system is unable to cover. In order to make opAssign safe, a language change will be necessary. Andrei
