checkedint call removal
Walter Bright via Digitalmars-d
digitalmars-d at puremagic.com
Sun Aug 3 08:10:20 PDT 2014
On 8/2/2014 1:23 PM, Andrei Alexandrescu wrote:
> Assume we choose that, there's still murky ground:
>
> @system fun(int[] p) {
> gun(p.ptr + p.length);
> }
>
> @safe gun(int* p) {
> if (p) *p = 42;
> }
>
> This passes semantic checking but is unsafe and unsafety is in the @safe
> code. Well, that's fine, we might say. The problem is this works against
> our stance that "inspect @system code by hand, @safe code will take care
> of itself". The problem is that pointers just past the end have this
> weird property "the pointer is okay but not for dereferencing".
We could establish a rule for @safe that function arguments that are
pointers must be pointers to valid memory, not past the end.
More information about the Digitalmars-d
mailing list