Shouldn't casting an object to void* be considered @safe?
ag0aep6g
anonymous at example.com
Sun Dec 15 11:14:25 UTC 2019
On 15.12.19 10:32, Joseph Rushton Wakeling wrote:
> BTW, note that the spec defines a @safe function as one that has been
> statically checked to exhibit no undefined behaviour.
>
> Casting from a non-pointer type to a pointer seems a pretty good
> example of something that makes it impossible to statically confirm that
> no undefined behaviour is taking place.

The other side is saying it's possible for void*. It goes like this:

1) By itself, an invalid pointer doesn't exhibit UB.
2) Dereferencing an invalid pointer does exhibit UB.
3) There is no other way to trigger UB with an invalid pointer.
4) Dereferencing void* isn't allowed in @safe code.

Conclusion: An invalid void* cannot lead to UB in @safe code. So casting
anything to void* can be allowed there.

I'm pretty sure that sentences 1, 2, and 4 are correct. Number 3 seems
to be the interesting one. A counter-example (using an invalid pointer
to trigger UB without dereferencing the pointer) would shut the argument
down.