Implement an unsafe expression to cover uses of unsafe constructs #78554
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Introduce an `unsafe` expression akin to `try` and `await` that notes
that there are unsafe constructs in the expression to the right-hand
side. Extend the effects checker to also check for unsafety along with
throwing and async operations. This will result in diagnostics like
the following:
10 | func sum() -> Int {
11 | withUnsafeBufferPointer { buffer in
12 | let value = buffer[0]
| | `- note: reference to unsafe subscript 'subscript(_:)'
| |- warning: expression uses unsafe constructs but is not marked with 'unsafe'
| `- note: reference to parameter 'buffer' involves unsafe type 'UnsafeBufferPointer<Int>'
13 | tryWithP(X())
14 | return fastAdd(buffer.baseAddress, buffer.count)
These will come with a Fix-It that inserts `unsafe` into the proper
place. There's also a warning that appears when `unsafe` doesn't cover
any unsafe code, making it easier to clean up extraneous `unsafe`.
This approach requires that `@unsafe` be present on any declaration
that involves unsafe constructs within its signature. Outside of the
signature, the `unsafe` expression is used to identify unsafe code.
With the move to unsafe effects, we no longer model `unsafe` as an availability problem. Remove all of that supporting code.
DougGregor
requested review from
ahoppen,
bnbarham,
hamishknight,
rintaro,
zoecarver,
hyp,
egorzhdan,
Xazax-hun,
xymus,
AnthonyLatsis,
hborla,
slavapestov,
xedin,
tshortli,
jckarter,
CodaFi and
artemcm
as code owners
|
@swift-ci please smoke test |
|
@swift-ci please build toolchain |
|
@swift-ci please smoke test |
|
@swift-ci please build toolchain |
|
@swift-ci please build toolchain Linux |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Introduce an
unsafeexpression akin totryandawaitthat notes that there are unsafe constructs in the expression to the right-hand side. Extend the effects checker to also check for unsafety along with throwing and async operations. This will result in diagnostics like the following:These will come with a Fix-It that inserts
unsafeinto the proper place. There's also a warning that appears whenunsafedoesn't cover any unsafe code, making it easier to clean up extraneousunsafe.This approach requires that
@unsafebe present on any declaration that involves unsafe constructs within its signature. Outside of the signature, theunsafeexpression is used to identify unsafe code.