[swift-evolution] [Review] SE-0016 - Adding initializers to Int and UInt to convert from UnsafePointer and UnsafeMutablePointer
Dan Raviv
dan.raviv at gmail.com
Mon Mar 28 14:24:23 CDT 2016
On Tue, Mar 22, 2016 at 11:35 PM, Chris Lattner via swift-evolution <
swift-evolution at swift.org> wrote:
> Hello Swift community,
>
> The review of "Adding initializers to Int and UInt to convert from
> UnsafePointer and UnsafeMutablePointer" begins now and runs through March
> 25th. The proposal is available here:
>
>
> https://github.com/apple/swift-evolution/blob/master/proposals/0016-initializers-for-converting-unsafe-pointers-to-ints.md
>
> Reviews are an important part of the Swift evolution process. All reviews
> should be sent to the swift-evolution mailing list at:
> https://lists.swift.org/mailman/listinfo/swift-evolution
> or, if you would like to keep your feedback private, directly to the
> review manager.
>
>
> What goes into a review?
>
> The goal of the review process is to improve the proposal under review
> through constructive criticism and, eventually, determine the direction of
> Swift. When writing your review, here are some questions you might want to
> answer in your review:
>
> * What is your evaluation of the proposal?
>
-1. While it is tempting to have the full power of converting pointers to
ints, it's a recipe for security issues as already mentioned.
> * Does this proposal fit well with the feel and direction of Swift?
>
No. Swift feels safer than doing raw pointer arithmetic.
I'm for the alternative mentioned in the proposal (comments inline):
...The next alternative was to add functions to Unsafe[Mutable]Pointer which
covered the identified pointer arithmetic cases. This alternative was
rejected because it either would have required us to imagine every use-case
of pointer arithmetic [...] or it would have required adding a full suite
of arithmetic and bitwise operators to Unsafe[Mutable]Pointer.
I think the full suite is worth eliminating potential raw pointer
arithmetic bugs.
Because some of these operations are defined only on signed integers, and
others on unsigned, it would have required splitting
Unsafe[Mutable]Pointer into
signed and unsigned variants, which would have complicated things for users
who did not need to do pointer arithmetic.
What operations are defined only on signed/unsigned ints?
Additionally, the implementations of these operations would have probably
converted the pointers to integers, perform a single operation, and then
convert them back. When chaining operations, this would create a lot of
unnecessary conversions.
Isn't that for the optimizer to optimize?
* How much effort did you put into your review? A glance, a quick
> reading, or an in-depth study?
>
A quick reading.
>
> More information about the Swift evolution process is available at
>
> https://github.com/apple/swift-evolution/blob/master/process.md
>
> Thank you,
>
> -Chris Lattner
> Review Manager
> _______________________________________________
> swift-evolution mailing list
> swift-evolution at swift.org
> https://lists.swift.org/mailman/listinfo/swift-evolution
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.swift.org/pipermail/swift-evolution/attachments/20160328/9097680a/attachment.html>
More information about the swift-evolution
mailing list