> On Sep 7, 2017, at 5:37 PM, Joe Groff <jgr...@apple.com> wrote:
>>
>> The important thing is that the UnsafeBufferPointer API is clearly
>> documented. We do not want users to think it’s ok to deallocate a smaller
>> buffer than they allocated.
>>
>> Unfortunately, there’s actually no way to assert this in the runtime because
>> malloc_size could be larger than the allocated capacity. Incorrect code
>> could happen to work and we can live with that.
>
> Would it be sufficient to assert that malloc_good_size(passedCapacity) ==
> malloc_size(base) ? It wouldn't be perfect but could still catch a lot of
> misuses.
That theory does hold up for a million random values, but I don’t know if we
can rely on malloc_size never being larger than roundUp(sz, 16). Greg?
-Andy
_______________________________________________
swift-evolution mailing list
swift-evolution@swift.org
https://lists.swift.org/mailman/listinfo/swift-evolution