https://issues.dlang.org/show_bug.cgi?id=15672

hsteoh@quickfur.ath.cx changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |safe
                 CC|                            |hsteoh@quickfur.ath.cx
           Severity|enhancement                 |major

--

https://issues.dlang.org/show_bug.cgi?id=15672

--- Comment #1 from hsteoh@quickfur.ath.cx ---
It's not necessarily safe to cast from void[] to immutable(T)[]. Consider:
-----
int[] a = [ 12345, 54321 ];
void[] b = a;  // any array can implicitly convert to void[]
immutable(Object)[] c = cast(immutable(Object)[]) b; // suppose this was
allowed
b[0].toString(); // illegal pointer dereference
-----

In order to ensure @safety, we cannot allow reinterpreting *anything* as a pointer, that wasn't already a pointer of the same type, and with the same attributes.

Note that it's not @safe even to convert from a pointer of the same type but different attributes. For instance:
-----
alias safeFunc = void function() @safe;
alias unsafeFunc = void function() @system;

void main() @safe {
    unsafeFunc[] unsafePtrs = [ &unsafeFunc ];
    void[] voidPtrs = unsafePtrs; // OK, everything converts to void[]
implicitly
    auto arr = cast(immutable(safeFunc)[]) voidPtrs; // OK to convert func ptrs
to func ptrs, right?
    arr[0](); // oops, we just called a @system function from @safe code
}
-----

The void[] step is not necessary, but illustrates the danger of allowing conversions from void[] to immutable(T)[].

--

https://issues.dlang.org/show_bug.cgi?id=15672

hsteoh@quickfur.ath.cx changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Hardware|x86_64                      |All
                 OS|Windows                     |All

--

https://issues.dlang.org/show_bug.cgi?id=15672

--- Comment #2 from Chris Wright <dhasenan@gmail.com> ---
Right. I meant that we add a restriction that you can't cast void[] to mutable(T)[], keeping existing restrictions in place.

--

https://issues.dlang.org/show_bug.cgi?id=15672

Walter Bright <bugzilla@digitalmars.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |pull
                 CC|                            |bugzilla@digitalmars.com

--- Comment #3 from Walter Bright <bugzilla@digitalmars.com> ---
https://github.com/dlang/dmd/pull/5876

--

https://issues.dlang.org/show_bug.cgi?id=15672

--- Comment #4 from github-bugzilla@puremagic.com ---
Commits pushed to master at https://github.com/dlang/dmd

https://github.com/dlang/dmd/commit/b23203607189a00227ac9636f4b4347fe85f81bf fix Issue 15672 - Casting from void[] to T[] is erroneously considered @safe

https://github.com/dlang/dmd/commit/5ca4b331c4ce3b096b04b98edaacd97dc246c9c1 Merge pull request #5876 from WalterBright/fix15672

fix Issue 15672 - Casting from void[] to T[] is erroneously considere…

--

https://issues.dlang.org/show_bug.cgi?id=15672

github-bugzilla@puremagic.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--

https://issues.dlang.org/show_bug.cgi?id=15672

--- Comment #5 from github-bugzilla@puremagic.com ---
Commits pushed to stable at https://github.com/dlang/dmd

https://github.com/dlang/dmd/commit/b23203607189a00227ac9636f4b4347fe85f81bf fix Issue 15672 - Casting from void[] to T[] is erroneously considered @safe

https://github.com/dlang/dmd/commit/5ca4b331c4ce3b096b04b98edaacd97dc246c9c1 Merge pull request #5876 from WalterBright/fix15672

--