-
Notifications
You must be signed in to change notification settings - Fork 10.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Diagnostics] Add an edu note explaining @_nonEphemeral diags #31649
Conversation
|
||
Temporary pointers may only be passed as arguments to functions which do not store the pointer value or otherwise allow it to escape the function's scope. The Swift compiler is able to diagnose some, but not all, violations of this rule. Misusing a temporary pointer by allowing it to outlive the enclosing function call results in undefined behavior. | ||
|
||
When calling functions which cannot safely accept temporary pointer arguments, use the `withUnsafe*` family of pointer APIs to explicitly manage pointer lifetimes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This cries out for an example, or a link to a more elaborate explanation (e.g., the documentation for the APIs mentioned?), or both. I'd wager that there's approximately a 0% chance that someone who is learning about the topic anew from this education note will know what to do based on the dozen words here ("use ... to explicitly manage pointer lifetimes"). We've got a beautiful multi-paragraph explanation of the problem being diagnosed, and then when it comes to any possible solutions, it just...ends.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I'll need to come up with some kind of simplified example here, even if it ends up being a bit contrived. The issue with linking to the documentation here is that it's hosted only on developer.apple.com, and there's no way of knowing when and if those links will change. It's the main disadvantage of shipping these notes in the toolchain.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks fantastic, thank you for writing this up!
|
||
Temporary pointers may only be passed as arguments to functions which do not store the pointer value or otherwise allow it to escape the function's scope. The Swift compiler is able to diagnose some, but not all, violations of this rule. Misusing a temporary pointer by allowing it to outlive the enclosing function call results in undefined behavior. | ||
|
||
When calling functions which cannot safely accept temporary pointer arguments, use the `withUnsafe*` family of pointer APIs to explicitly manage pointer lifetimes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for doing this! I think it's great and agree with all the feedback so far.
When calling functions which cannot safely accept temporary pointer arguments, use the
withUnsafe*
family of pointer APIs to explicitly manage pointer lifetimes.
Mentioning withUnsafePointer
opens up a dangerous door. I think it's the biggest issue with the current warnings. The usual reaction will be to think that merely using withUnsafePointer
imbues code with some extra safety--of course it doesn't, it just silences warnings. The educational note is the perfect place to clear this up.
If we leave it as "use withUnsafePointer to manage lifetime" without explaining how to "manage lifetimes", we'll just get a lot of this sort of thing:
struct PointerWrapper {
var ptr: UnsafePointer<Int>
}
func foo(x: Int) -> PointerWrapper {
return withUnsafePointer(to: x) {
PointerWrapper(ptr: $0)
}
}
It may help just to search through some common Swift packages to see common cases of programmers using withUnsafePointer correctly, and contrast that with incorrect usage.
1ce4134
to
8e0f30f
Compare
I ended up adding a more in-depth example of incorrectly initializing an UnsafePointer with |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Edits look great!
8e0f30f
to
792fb87
Compare
Agree, this looks great! |
@swift-ci please smoke test |
The goal here is:
withUnsafe*
APIsSuggestions on how to improve the explanations and/or provide better guidance on best practices are welcome, this isn't really my area of expertise. Once SR-12739 is done we should be able to link to that documentation from here as well.