Shouldn't casting an object to void* be considered @safe?
Joseph Rushton Wakeling
joseph.wakeling at webdrake.net
Sat Dec 14 23:48:38 UTC 2019
On Saturday, 14 December 2019 at 20:53:49 UTC, Dennis wrote:
>> No, that won't do. What if you cast from a `ulong` to a
>> `void*`?
>
> That is `@safe`, unless there is a way to corrupt memory in
> `@safe` code by doing that.
No, it is not @safe, and for good reason. When you cast an
integral value to a `void*` that value gets reinterpreted as a
memory address. But you have absolutely no right to assume that
it is a valid memory address.
ulong u = 8;
auto v = cast(void*) u;
... is totally unsafe, and the compiler rightly rejects it if you
try to do that in a code block marked @safe. But you shouldn't
need the compiler to tell you to know that this is a really
messed up thing to do. How do you know that memory address 8 is
in any way valid?
Things like this are WHY the spec has the rule that one cannot
cast from a non-pointer type to `void*` in code marked @safe.
More information about the Digitalmars-d
mailing list