[Issue 21565] @safe code allows modification of a scalar that overlaps with a pointer
d-bugmail at puremagic.com
Thu Jan 21 04:15:41 UTC 2021
https://issues.dlang.org/show_bug.cgi?id=21565
--- Comment #4 from Paul Backus <snarwin+bugzilla at gmail.com> ---
Consider the following example:
---
union T { int x; int* y; }

@trusted void example(T t)
{
    import std.stdio;

    t.x = 123;
    writeln(t.x);
    t.y = new int;
    writeln(t.y);
}
---
This code is memory-safe. It contains no undefined behavior. Any @safe function
can call this code with any possible value of `t`, and it will not corrupt
memory. It also accesses both members of `t` and would not compile if annotated
with @safe (i.e., it does not "follow the @safe rules").
The *intent* of the spec is clearly to allow code like this to be marked as
@trusted. If the current wording of the spec does not allow that, then the
spec's wording does not match its intent, and the wording should be changed.