Escape Analysis & Owner Escape Analysis
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Wed Sep 4 14:55:55 UTC 2024
On 05/09/2024 2:28 AM, IchorDev wrote:
> On Tuesday, 3 September 2024 at 03:00:20 UTC, Richard (Rikki) Andrew
> Cattermole wrote:
>> An example of this is with a global, in the case of a variable thread
>> local storage, it is possible in fully ``@safe`` code with DIP1000
>> turned on to cause a segfault.
>>
>> ```d
>> import std;
>>
>> int* tlsGlobal;
>>
>> @safe:
>>
>> void main() {
>> tlsGlobal = new int(2);
>> assert(*tlsGlobal == 2);
>>
>> toCall();
>> assert(*tlsGlobal == 2); // Segfault
>> }
>>
>> void toCall() {
>> tlsGlobal = null;
>> }
>> ```
>
> But aren’t segfault always meant to be @safe anyway?
> ```d
> int* x;
> void main() @safe{
> auto y = *x;
> }
> ```
In theory yes it's perfectly safe. However this example isn't meant to
show that a solution to nullability is needed, but instead to show that
you cannot make assumptions based upon what code is locally analyzed for
things outside of it.
To assume that a non-function local variable will have a value that is
known to the analysis over the course of a function body isn't correct
and that pokes a massive hole in the analysis capabilities.
More information about the dip.ideas
mailing list