On 3/6/18 2:11 AM, Jonathan M Davis wrote:
On Tuesday, March 06, 2018 05:34:39 psychoticRabbit via Digitalmars-d-
announce wrote:
On Tuesday, 6 March 2018 at 05:22:58 UTC, Void-995 wrote:
Can somebody explain how &array[0] is more safe than array.ptr?
Just want to understand why second statement isn't allowed in
safe anymore.

int[] a;
writeln(&arr[0]); // good - runtime produces a
core.exception.RangeError
//writeln(arr.ptr); // what do you think will happen here?

That example actually should be perfectly @safe, because the array is null,
and it's using writeln. Dereferencing null is @safe, because it segfaults
and thus can't corrupt memory or access invalid memory. You obviously don't
want it to happen, but it's @safe. Also, passing a pointer to writeln is
fine, because it's just going to print the value, so that's @safe too, even
if the pointer value is garbage.

Yeah, a better example:

struct S
{
   size_t[1] x;
   int *bad;
}

void foo() @safe
{
   S s;
   auto arr = s.x[$ .. $];
   // int *p = &arr[0]; // would throw range error
   auto p = arr.ptr; // this now points at bad
   *p = 0xdeadbeef;
   *s.bad = 5; // oops
}

-Steve

Reply via email to