Menu
Search

Forums

Forum Index

November 18, 2021
Gravatar of dkorpel@live.nlPosted by dkorpel@live.nlReply
dkorpel@live.nl
Gravatar of dkorpel@live.nl


Reply
https://issues.dlang.org/show_bug.cgi?id=22522

          Issue ID: 22522
           Summary: [dip1000] Creating interior pointers allowed in @safe
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P1
         Component: dmd
          Assignee: nobody@puremagic.com
          Reporter: dkorpel@live.nl

The garbage collection specification (https://dlang.org/spec/garbage.html) mentions it's undefined behavior to have interior pointers in a struct:

> Do not have pointers in a struct instance that point back to the same instance. The trouble with this is if the instance gets moved in memory, the pointer will point back to where it came from, with likely disastrous results.

Undefined behavior is not allowed in `@safe` code, but creating an interior pointer is, which can break dip1000:

```
// compile with -preview=dip1000
@safe:
struct S {
    int storage;
    int* ptr;

    this(int dummy) {
        ptr = &storage;
    }

    int* get() return scope {
        return ptr;
    }
}

int* escape() {
    S s = S(0);
    return s.get; // escapes a pointer to stack variable `s`
}
```

--