https://issues.dlang.org/show_bug.cgi?id=22522
Issue ID: 22522
Summary: [dip1000] Creating interior pointers allowed in @safe
Product: D
Version: D2
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P1
Component: dmd
Assignee: [email protected]
Reporter: [email protected]
The garbage collection specification (https://dlang.org/spec/garbage.html)
mentions it's undefined behavior to have interior pointers in a struct:
> Do not have pointers in a struct instance that point back to the same
> instance.
> The trouble with this is if the instance gets moved in memory, the pointer
> will
> point back to where it came from, with likely disastrous results.
Undefined behavior is not allowed in `@safe` code, but creating an interior
pointer is, which can break dip1000:
```
// compile with -preview=dip1000
@safe:
struct S {
int storage;
int* ptr;
this(int dummy) {
ptr = &storage;
}
int* get() return scope {
return ptr;
}
}
int* escape() {
S s = S(0);
return s.get; // escapes a pointer to stack variable `s`
}
```
--
