@safe inference fundamentally broken
Steven Schveighoffer via Digitalmars-d
digitalmars-d at puremagic.com
Thu Jun 5 12:57:08 PDT 2014
On Thu, 05 Jun 2014 15:54:33 -0400, Steven Schveighoffer
<schveiguy at yahoo.com> wrote:
> On Thu, 05 Jun 2014 15:48:09 -0400, Steven Schveighoffer
> <schveiguy at yahoo.com> wrote:
>
>> On Thu, 05 Jun 2014 15:34:13 -0400, monarch_dodra
>> <monarchdodra at gmail.com> wrote:
>>
>>> On Thursday, 5 June 2014 at 19:27:56 UTC, Steven Schveighoffer wrote:
>>>> On Thu, 05 Jun 2014 14:47:54 -0400, deadalnix
>>>>> T[] arr = [ ... ];
>>>>> arr = arr[$ .. $];
>>>>> auto garbage = *(arr.ptr);
>>>>
>>>> Believe it or not, this is actually safe.
>>>
>>> What do you mean by "is actually safe" ? In the "can you actually
>>> believe this obviously wrong code is marked as safe" or "this code
>>> that looks wrong is actually perfectly safe"?
>>
>> It's safe because of the implementation of arrays. There is always one
>> sentinel byte that cannot be used for the block of data. This is why
>> when you allocate e.g. 8 ints, it goes into a 32-byte block.
>
> I take it back, it could be unsafe. You could have e.g. a 12 byte struct
> be T, and then the last "element" could extend through the end of the
> block.

A possible fix could be to reject the call to ptr at runtime if the slice
is empty.

-Steve
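
One way the runtime check proposed above could look, as an added example that is not part of the original message or of druntime/Phobos. The helper `checkedPtr`, the caller `firstA` and the 12-byte struct `S` are hypothetical names constructed for illustration.

```d
import std.exception : assertThrown;
import std.stdio : writeln;

// Constructed 12-byte element type, matching the "12 byte struct" case.
struct S { int a, b, c; }
static assert(S.sizeof == 12);

// Hypothetical helper: hands out the slice's pointer only when the slice
// has at least one element, so the result always points at a whole T.
T* checkedPtr(T)(T[] slice) @trusted
{
    if (slice.length == 0)
        throw new Exception("checkedPtr: empty slice has no element");
    return slice.ptr;
}

// @safe caller: dereferencing is allowed here because checkedPtr
// never returns a one-past-the-end pointer.
int firstA(S[] s) @safe
{
    return checkedPtr(s).a;
}

void main()
{
    auto arr = new S[](4);
    arr[0].a = 7;

    // The slice from the quoted snippet: empty, positioned at the end.
    auto tail = arr[$ .. $];
    assert(tail.length == 0);

    // Its raw .ptr is one past the last element. Only the address is
    // compared; the pointer is never dereferenced.
    assert(tail.ptr is arr.ptr + arr.length);

    // Non-empty slice: the check passes and the element is readable.
    assert(firstA(arr) == 7);

    // Empty slice: the access is rejected at runtime instead of
    // reading up to S.sizeof bytes starting at the end of the array.
    assertThrown!Exception(firstA(tail));

    writeln("empty-slice pointer access rejected");
}
```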