Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
D (programming language)
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===SafeD=== SafeD<ref name="SafeD">{{cite web |title=SafeD β D Programming Language |url=http://dlang.org/safed.html |author=Bartosz Milewski |access-date=17 July 2014}}</ref> is the name given to the subset of D that can be guaranteed to be [[Memory safety|memory safe]]. Functions marked <code>@safe</code> are checked at compile time to ensure that they do not use any features, such as pointer arithmetic and unchecked casts, that could result in corruption of memory. Any other functions called must also be marked as <code>@safe</code> or <code>@trusted</code>. Functions can be marked <code>@trusted</code> for the cases where the compiler cannot distinguish between safe use of a feature that is disabled in SafeD and a potential case of memory corruption.<ref>{{cite web |title=How to Write @trusted Code in D |url=https://dlang.org/blog/2016/09/28/how-to-write-trusted-code-in-d/ |author=Steven Schveighoffer |date=28 September 2016 |access-date=4 January 2018}}</ref> ====Scope lifetime safety==== Initially under the banners of DIP1000<ref>{{Cite web|url=https://github.com/dlang/DIPs/blob/master/DIPs/other/DIP1000.md|title=Scoped Pointers|website=[[GitHub]]|date=3 April 2020}}</ref> and DIP25<ref>{{Cite web|url=https://wiki.dlang.org/DIP25|title=Sealed References}}</ref> (now part of the language specification<ref>{{Cite web|url=https://dlang.org/spec/function.html#return-scope-parameters|title=D Language Specification: Functions - Return Scope Parameters}}</ref>), D provides protections against certain ill-formed constructions involving the lifetimes of data. The current mechanisms in place primarily deal with function parameters and stack memory however it is a stated ambition of the leadership of the programming language to provide a more thorough treatment of lifetimes within the D programming language<ref>{{Cite web|url=https://dlang.org/blog/2019/07/15/ownership-and-borrowing-in-d/|title=Ownership and Borrowing in D|date=15 July 2019}}</ref> (influenced by ideas from [[Rust (programming language)|Rust programming language]]). ====Lifetime safety of assignments==== Within @safe code, the lifetime of an assignment involving a [[reference type]] is checked to ensure that the lifetime of the assignee is longer than that of the assigned. For example: <syntaxhighlight lang="D"> @safe void test() { int tmp = 0; // #1 int* rad; // #2 rad = &tmp; // If the order of the declarations of #1 and #2 is reversed, this fails. { int bad = 45; // The lifetime of "bad" only extends to the scope in which it is defined. *rad = bad; // This is valid. rad = &bad; // The lifetime of rad is longer than bad, hence this is not valid. } } </syntaxhighlight> ====Function parameter lifetime annotations within @safe code==== When applied to function parameter which are either of pointer type or references, the keywords ''return'' and ''scope'' constrain the lifetime and use of that parameter. The language standard dictates the following behaviour:<ref>{{Cite web|url=https://dlang.org/spec/function.html#param-storage|title=D Language Specification: Functions - Function Parameter Storage Classes}}</ref> {| class="wikitable" |+ !Storage Class !Behaviour (and constraints to) of a parameter with the storage class |- |''scope'' |References in the parameter cannot be escaped. Ignored for parameters with no references |- |''return'' |Parameter may be returned or copied to the first parameter, but otherwise does not escape from the function. Such copies are required not to outlive the argument(s) they were derived from. Ignored for parameters with no references |} An annotated example is given below.<syntaxhighlight lang="D"> @safe: int* gp; void thorin(scope int*); void gloin(int*); int* balin(return scope int* p, scope int* q, int* r) { gp = p; // Error, p escapes to global variable gp. gp = q; // Error, q escapes to global variable gp. gp = r; // OK. thorin(p); // OK, p does not escape thorin(). thorin(q); // OK. thorin(r); // OK. gloin(p); // Error, p escapes gloin(). gloin(q); // Error, q escapes gloin(). gloin(r); // OK that r escapes gloin(). return p; // OK. return q; // Error, cannot return 'scope' q. return r; // OK. } </syntaxhighlight>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)