[Issue 15672] Casting from void[] to T[] is erroneously considered @safe
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Fri Feb 19 11:18:15 PST 2016
https://issues.dlang.org/show_bug.cgi?id=15672
--- Comment #1 from hsteoh at quickfur.ath.cx ---
It's not necessarily safe to cast from void[] to immutable(T)[]. Consider:
-----
int[] a = [ 12345, 54321 ];
void[] b = a; // any array can implicitly convert to void[]
immutable(Object)[] c = cast(immutable(Object)[]) b; // suppose this was
allowed
b[0].toString(); // illegal pointer dereference
-----
In order to ensure @safety, we cannot allow reinterpreting *anything* as a
pointer, that wasn't already a pointer of the same type, and with the same
attributes.
Note that it's not @safe even to convert from a pointer of the same type but
different attributes. For instance:
-----
alias safeFunc = void function() @safe;
alias unsafeFunc = void function() @system;
void main() @safe {
unsafeFunc[] unsafePtrs = [ &unsafeFunc ];
void[] voidPtrs = unsafePtrs; // OK, everything converts to void[]
implicitly
auto arr = cast(immutable(safeFunc)[]) voidPtrs; // OK to convert func ptrs
to func ptrs, right?
arr[0](); // oops, we just called a @system function from @safe code
}
-----
The void[] step is not necessary, but illustrates the danger of allowing
conversions from void[] to immutable(T)[].
--
More information about the Digitalmars-d-bugs
mailing list