Release D 2.079.0
Steven Schveighoffer
schveiguy at yahoo.com
Tue Mar 6 13:09:00 UTC 2018
On 3/6/18 2:11 AM, Jonathan M Davis wrote:
> On Tuesday, March 06, 2018 05:34:39 psychoticRabbit via Digitalmars-d-announce wrote:
>> On Tuesday, 6 March 2018 at 05:22:58 UTC, Void-995 wrote:
>>> Can somebody explain how &array[0] is more safe than array.ptr?
>>> Just want to understand why second statement isn't allowed in
>>> safe anymore.
>>
>> int[] arr;
>> writeln(&arr[0]); // good - runtime produces a
>>                   // core.exception.RangeError
>> //writeln(arr.ptr); // what do you think will happen here?
>
> That example actually should be perfectly @safe, because the array is null,
> and it's using writeln. Dereferencing null is @safe, because it segfaults
> and thus can't corrupt memory or access invalid memory. You obviously don't
> want it to happen, but it's @safe. Also, passing a pointer to writeln is
> fine, because it's just going to print the value, so that's @safe too, even
> if the pointer value is garbage.
Yeah, a better example:
struct S
{
    size_t[1] x;
    int *bad;
}

void foo() @safe
{
    S s;
    auto arr = s.x[$ .. $];
    // int *p = &arr[0]; // would throw range error
    auto p = arr.ptr; // this now points at bad
    *p = 0xdeadbeef;
    *s.bad = 5; // oops
}
-Steve
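
Added example (not part of the original message and not code from the D project): the two ways @safe code can still obtain an element pointer, shown on the same empty-slice case as above. The helper names firstPtr and checkedFirst are hypothetical, and a heap array stands in for the struct S.

```d
import std.stdio : writeln;
import core.exception : RangeError;

// Hypothetical helper: the only place .ptr is touched. It can be @trusted
// because the length check means a non-null result always refers to a real
// element, never to the past-the-end address of an empty slice.
size_t* firstPtr(size_t[] arr) @trusted pure nothrow @nogc
{
    return arr.length ? arr.ptr : null;
}

// Bounds-checked form: accepted in @safe code, fails on an empty slice
// instead of handing out a pointer to whatever follows the array.
size_t* checkedFirst(size_t[] arr) @safe
{
    return &arr[0];
}

void main()
{
    auto data = new size_t[1];
    auto empty = data[$ .. $];   // length 0; .ptr would be one past the end

    assert(firstPtr(data) !is null);
    assert(firstPtr(empty) is null);

    bool threw;
    try
    {
        auto p = checkedFirst(empty);
    }
    catch (RangeError e)         // Errors may only be caught outside @safe code
    {
        threw = true;
    }
    assert(threw);
    writeln("ok");
}
```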