https://issues.dlang.org/show_bug.cgi?id=21565
--- Comment #6 from ag0aep6g <ag0ae...@gmail.com> --- (In reply to Paul Backus from comment #2) > The question is: should the value of `t` after `t.x = 5`, in comment 1's > example, be considered an unsafe value? [...] > If we amend the spec as follows: > > > A struct/union instance is safe when: > > > > * the values of its accessible fields are safe, and > > * it does not introduce unsafe aliasing with unions **that is accessible > > from @safe code**. > > ...then `t`'s value becomes safe, and we are allowed to use it in @safe and > @trusted code as long as we are careful not to let @safe code access `t.x` > and `t.y` at the same time. > > I think this interpretation is much more useful, and almost certainly the > intended one, so I suggest that this is really a bug in the spec, not the > implementation. > > [1] https://dlang.org/spec/function.html#safe-interfaces I can say that I did not intend that interpretation when I added "safe aliasing" to the spec. But I might have been overly conservative. Currently, the spec explicitly says that @safe code "Cannot access unions that have pointers or references overlapping with other types."[1] If that's so, then I guess it doesn't matter whether the union's aliasing is safe or not, because @safe code can't access it at all. And I guess it's still okay even if we change that to allow access to the non-pointy bits of the union, because the @safe code just sees another harmless int (or whatever). As far as I can tell, that means all possible union values can be considered safe (just like all ints are safe), and we can remove the parts about "[introducing] unsafe aliasing with unions" from the "save values" section. One must still be careful not to expose the unsafe aliasing to @safe code in other ways, but that's already covered by the spec. I wouldn't have designed it this way, but it seems to be what DMD is going for. [1] https://dlang.org/spec/function.html#safe-functions --