[Issue 21565] @safe code allows modification of a scalar that overlaps with a pointer
d-bugmail at puremagic.com
Thu Jan 21 17:45:58 UTC 2021
https://issues.dlang.org/show_bug.cgi?id=21565
--- Comment #11 from Paul Backus <snarwin+bugzilla at gmail.com> ---
> Read-only access is fine. Write access is not.
Again, on what grounds do you make this claim? Can writing to the integer
member cause undefined behavior in @safe-only code? If so, please provide an
example.
> I just don't know what the definition of "sensical" means, based on your
> prior messages. What rules do you have in mind?
What I have in mind is to change the definition of "unsafe value" for unions to
the following:
> A struct/union instance is safe when:
>
> * the values of its accessible fields are safe, and
> * it does not introduce unsafe aliasing with unions that is accessible
> from @safe code.
This change does not, as far as I can tell, introduce unsoundness into the
language. It does not allow undefined behavior to occur in @safe code. If you
believe I am mistaken about this, please correct me.
The reason I call this "sensical" is that *unnecessarily* excluding values from
the definition of "safe value" makes the language more difficult to use without
any benefit to soundness or memory-safety. Ideally, we would like @safe to
impose on the programmer only those restrictions that are truly necessary in
order to avoid undefined behavior.
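The union shape the issue title and this comment argue about, as an added D illustration that is not code from the bug report or from any participant in the thread. It assumes, as the issue title states, that the compiler currently accepts a write to the scalar member inside a `@safe` function; the union and function names (`Overlap`, `writeScalar`, `readPointer`) are constructed for the example.

```d
import std.stdio;

// Constructed union for the illustration: a scalar that shares storage with a
// pointer. The field names are assumptions, not taken from the bug report.
union Overlap
{
    int* p;   // pointer member
    int  i;   // scalar member occupying the same storage
}

// Accepted as @safe today (the situation the issue title describes): on its own
// the scalar write dereferences nothing, it only changes the bytes under `p`.
@safe void writeScalar(ref Overlap u, int value)
{
    u.i = value;
}

// Reading the overlapping pointer back is the step at which a corrupted address
// could actually be used, so it is marked @system here and must be reached from
// a @system or @trusted caller.
@system int* readPointer(ref Overlap u)
{
    return u.p;
}

void main() // @system by default
{
    int* target = new int;
    *target = 42;

    Overlap u;
    u.p = target;
    writefln("before: u.p is target? %s", u.p is target);          // true

    // Overwrites 4 bytes of the pointer's storage (which bytes depends on the
    // platform's pointer size and endianness), so the address is now corrupted.
    writeScalar(u, 0);
    writefln("after:  u.p is target? %s", readPointer(u) is target); // false

    // Dereferencing readPointer(u) here would be a wild access. The thread's
    // question is whether @safe code alone can ever reach this point, i.e.
    // whether the pointer member is accessible from @safe after the write.
}
```

The split into `writeScalar` (`@safe`) and `readPointer` (`@system`) mirrors the distinction the comment draws: the scalar write by itself does not touch memory through the pointer, and the hazard materialises only where the overlapping pointer member is reachable. Under the definition proposed in the comment, the union is a safe value exactly when that pointer is not accessible from `@safe` code.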