www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.bugs - [Issue 13589] New: [git-head] Asm statement could be assumed to


          Issue ID: 13589
           Summary: [git-head] Asm statement could be assumed to nothrow,
                    safe, pure by the enclosing function attribute
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P1
         Component: DMD
          Assignee: nobody puremagic.com
          Reporter: k.hara.pg gmail.com

In git head, a new feature "asm statement with attributes" is introduced.


It's a straight feature that an asm statement should be handled as throwable,
unsafe, and impure by default, and
if you want to assume it as nothrow safe pure, asm statement should have
additonal attibutes.

  asm {nop;}                      // this statement is throwable, unsafe,
  asm nothrow  safe pure {nop;}  // this statement is nothrow, safe, and pure

But, when you want to implementing a function by using inline assembler, and
you want to make the function nothrow, you need to repeat the nothrow attribute
two or more.

auto foo(int a) nothrow  // 1st
    asm nothrow          // 2nd
    {/* operations */}

    int b = a * 2;  // if you mix regular D code

    asm nothrow          // 3nd
    {/* operations */}

The more you use high level code (==D code), the more redundancy it requires.

But, we already *know* that an asm statement is definitely throwable, unsafe,
and impure. It's obvious so compiler will never understand the semantics of
inline assembler code. And asm statements explicitly appear in code, so the
following semantic would be much better in practice.

1. By default, asm statement is handled as throwable, unsafe, and impure.
Therefore attribute inference
   will make the enclosing function as such.

   void foo()() { asm{nop}; }
   static assert(is(typeof(&foo!()) == void function()));
   // typeof(foo!()) neither nothrow,  safe, nor pure

2. if enclosing function is explicitly marked with attributes,
   D compiler can handle that the all asm statements in function body are
assumed as such.

   void foo()() nothrow pure  trusted { asm{nop;} }
   static assert(is(typeof(&foo!()) == void function() nothrow pure  safe));

   void bar() nothrow pure  trusted { asm{nop;} }  // no error

Of course, the attribute violation out of the asm statement should be checked
by compiler.

   void bar() nothrow {
        asm{nop;}  // assmued to nothrow
        throw new Exception("");  // error, nothrow violation

Oct 08 2014