http://d.puremagic.com/issues/show_bug.cgi?id=5176
--- Comment #32 from 9999 <[email protected]> 2013-05-20 02:08:00 PDT --- (In reply to comment #31) > Yes sure. Let's consider the example below : > > struct Foo { > ubyte[512] bar; > } > > struct Buzz { > ubyte[256] pad; > Foo[8] qux; > } > > Buzz* b; > > auto deref1 = (b.qux[7]); // deref below 4kb. > deref1.bar[300]; // offset is bellow 4kb, but teh address is above 4kb. > > If we consider deref address only no check happens here. So it is needed to > base the decision to check or not not based on the actual address, but > according the the maximal address possibly reached. > > In other words, a 4kb+ conglomerate of value types need null check on every > single pointer operation, even the on bellow 4kb. Your example is safe, as it will crash on the first dereference (value semantics). You probably meant something similar to: Buzz* b; auto deref1 = &(b.qux[7]); // take address below 4kb. deref1.bar[300] = 0; // offset is bellow 4kb, but the address is above 4kb. Maybe it's worth adding another case then, when both are true: * Taking an address of an object whose size is above OS' guard page (Buzz in the example). * The referenced object's last available byte offset is above OS' guard page (qux[7]'s last byte in the example). -- Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email ------- You are receiving this mail because: -------
