What's the D equivalence?
tsbockman
thomas.bockman at gmail.com
Fri Mar 5 21:09:38 UTC 2021
On Friday, 5 March 2021 at 15:22:51 UTC, Paul Backus wrote:
> On Friday, 5 March 2021 at 15:17:29 UTC, Imperatorn wrote:
>> On Friday, 5 March 2021 at 13:09:26 UTC, Jacob Carlborg wrote:
>>> One thing that is missing in D is runtime error on
>>> dereferencing a null pointer. D relies on the platform to
>>> trigger a segmentation fault. Of course, there are some
>>> platforms that don't do that.
>>>
>>> --
>>> /Jacob Carlborg
>>
>> Ok, that's fine though imo.
>
> It's actually a bit problematic because @safe relies on the
> fact that dereferencing a null pointer has defined behavior
> (i.e., it crashes the program). On platforms that don't
> guarantee this, D currently allows undefined behavior in @safe
> code.

Also, the guard region is of finite size and can be bypassed to
potentially silently corrupt memory when accessing the interior
of a sufficiently large type:

    void sowChaos(size_t length)(int[length]* ptr) @safe {
        (*ptr)[length - 1] = 0xBAD;
    }

If (int.sizeof * (length - 1)) happens to be the address of
memory writable by the current process, this will do bad things.
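
A defensive variant of the function in the message above, as an added example that is not part of the original post or of D's compiler or runtime: it adds an explicit null check only for types whose last element lies at or beyond the guard region. The guard size `guardBytes` (4096) and the names `checkedWrite` and `lastOffset` are assumptions made for illustration; the real guard size is platform-specific.

```d
// Added example, not code from the thread.
import std.stdio : writeln;

// Assumption: addresses 0 .. guardBytes-1 are unmapped, so any access
// in that range faults. 4096 (one common page size) is illustrative only.
enum size_t guardBytes = 4096;

// Byte offset of the last element of int[length], the expression
// (int.sizeof * (length - 1)) used in the post.
enum size_t lastOffset(size_t length) = int.sizeof * (length - 1);

// Hypothetical hardened counterpart of sowChaos.
void checkedWrite(size_t length)(int[length]* ptr) @safe
if (length > 0)
{
    // Small types are still covered by the guard region; only types
    // whose interior reaches past it pay for the explicit check.
    static if (lastOffset!length >= guardBytes)
    {
        if (ptr is null)
            throw new Exception("null pointer to oversized static array");
    }
    (*ptr)[length - 1] = 0xBAD;
}

void main()
{
    // With 4-byte ints, int[1024] ends inside the assumed guard,
    // int[1025] is the first size whose last element lands past it.
    static assert(lastOffset!1024 < guardBytes);
    static assert(lastOffset!1025 >= guardBytes);

    int[1025] buf;
    checkedWrite!1025(&buf);           // valid pointer: write goes through
    writeln(buf[$ - 1] == 0xBAD);

    int[1025]* missing = null;
    try
    {
        checkedWrite!1025(missing);    // null: rejected before any write
    }
    catch (Exception e)
    {
        writeln("rejected: ", e.msg);
    }
}
```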