-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle generic functions #3
Comments
(Ignore what I wrote, I forgot we had changed that bit of the code 😛 |
This shows how we can partially get around the problem with types defined in foreign crates etc. In rust-sesssions, we could imagine creating a trait and impl like this: ``` unsafe trait Closeable { fn close(self); } unsafe impl Closeable for Vec<Chan<Eps>> { #[allow_drop="collections::vec::Vec<Chan<Eps>>"] fn close(self) { } } ``` Of course, there's a problem with the environment, as the Chan actually looks like `Chan<E, Eps>`, where E is something we don't know, and don't really care about. TODO: Some kind of pattern matching could perhaps solve this? cc #3
The code in the fix-generics branch is an attempt at this. However, it still needs to error on stuff like |
\o/ |
Actually there are several problems here:
1 and 3 are closely related of course, but the added problem of 1 is that, since |
After some discussion about this, I'm not sure we can currently handle 1 and 2 from above in an exhausstive manner. For example, consider the following function (defined in an external crate from the one humpty is currently checking): fn foo<T>(v: Vec<T>) -> Vec<T> {
let mut new_v = Vec::new();
if let Some(x) = v.into_iter().last() {
new_v.push(x);
}
x
} Since humpty can only access the meta-data for the function, ie. the argument types and the return type, we have no way of knowing whether or not it is safe to call with a protected value. My current thinking is that we could simply warn on calls to external functions (that don't have I still think that 3 from above can be addressed, but we'd probably have to invoke check_fn recursively (with some kind of state tracking to avoid overflow) with the type parameters instantialized to the protected types we call it with. cc @laumann |
This makes sense. We can just change the
modulo whitelist
Note that we already do this.
The only way to work around this is:
|
One thing we don't handle is functions like this:
Since we just check all functions, but not instantiations of them, we can call dropit on a drop protected var. Any suggestions?
@Manishearth writes:
However, stuff like
let mut v = Vec::new(); let c = Chan(); v.push(c); let c_ = v.pop(); c_.close()
should be allowed.The text was updated successfully, but these errors were encountered: