memcpy() comparison: C, Rust, and D
Walter Bright via Digitalmars-d
digitalmars-d at puremagic.com
Wed Feb 1 13:25:38 PST 2017
On 2/1/2017 6:39 AM, Cody Laeder wrote:
> The _traditional_ C-like memcpy [3] in the stdlib. It is unsafe, and carries no
> side effects for the src buffer. It enforces type safety, but it cannot enforce
> memory safety as you can blow past the allocation size on your dst buffer (hence
> why it is unsafe).
It also does not guarantee the function does not save a copy of those pointers
and dereference them later.

Programmers "know" this to be true for memcpy, but the compiler cannot know this
from the Rust (or C) declaration. The D version does present this guarantee by
annotating it with 'pure'.

This matters because such a saved pointer can become a dangling reference - a
memory corruption bug waiting to happen.

[Note: in Rust, functions marked 'unsafe' may store copies of their arguments in
globals. 'safe' functions may not access mutable global storage.]
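The guarantee discussed in the message above, as an added D example that is not part of the original post. The names `stash`, `leakyCopy` and `pureCopy` are hypothetical; the example assumes `core.stdc.string.memcpy` is declared `pure`, as the message states.

```d
import core.stdc.stdlib : free, malloc;
import core.stdc.string : memcpy;

const(void)* stash;   // mutable module-level variable (hypothetical)

// Hypothetical look-alike with memcpy's C-style signature and no 'pure'.
// Nothing in the declaration tells the caller that src is retained.
void* leakyCopy(void* dst, const(void)* src, size_t n)
{
    stash = src;                 // accepted: impure code may write globals
    return memcpy(dst, src, n);
}

// The same signature marked 'pure'. The compiler rejects any access to
// mutable global state in the body, so src cannot be saved this way.
void* pureCopy(void* dst, const(void)* src, size_t n) pure
{
    static assert(!__traits(compiles, stash = src));
    return memcpy(dst, src, n);
}

void main()
{
    auto src = cast(ubyte*) malloc(4);
    assert(src !is null);
    src[0 .. 4] = 0xAA;
    ubyte[4] dst;

    pureCopy(dst.ptr, src, 4);
    assert(stash is null);       // nothing was retained by the pure version

    leakyCopy(dst.ptr, src, 4);
    assert(stash is src);        // a copy of the pointer outlives the call

    free(src);                   // stash now dangles; a later read through
                                 // it would be a use-after-free
    stash = null;                // clear it instead of dereferencing
}
```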