Shouldn't casting an object to void* be considered @safe?
Dennis
dkorpel at gmail.com
Sun Dec 15 11:28:35 UTC 2019
On Sunday, 15 December 2019 at 09:15:39 UTC, Joseph Rushton
Wakeling wrote:
> Which brings us back to the start of the discussion: @safe
> checks are not just about the strictest definition of memory
> safety, but also about actions that open up a path to unsafe
> behaviour unless they are carefully validated.
You can demonstrate that by giving a piece of @trusted code that
is correct when @safe casting to cast(void*) is disallowed and
incorrect when it is allowed. My guess is that you haven't done
that, because cast(void*) doesn't actually open up any paths to
unsafe behavior that weren't previously there. I love to be
proven wrong about this though.
> You may not accept the principle but that is the reality of the
> spec.
What part of the spec are you referring to? I'm mostly concerned
with:
> Memory safety does not imply that code is portable, uses only
> sound programming practices, is free of byte order
> dependencies, or other bugs. It is focussed only on eliminating
> memory corruption possibilities.
https://dlang.org/spec/memory-safe-d.html#limitations
More information about the Digitalmars-d
mailing list