https://issues.dlang.org/show_bug.cgi?id=11176
--- Comment #13 from Nick Treleaven <[email protected]> --- (In reply to Steven Schveighoffer from comment #10) > I think you have to just disallow ptr > access in @safe code. That's the only thing that's checkable at > compile-time, and will prevent a @safe inference The following is safe: assert(elem.ptr is null); Even this is safe: i = tmp.ptr - trailing.ptr; Both of these are from Phobos. We only need to prevent dereference of .ptr, and aggressively so. But reading the pointer itself is OK so long as the address doesn't escape to another pointer. --
