https://issues.dlang.org/show_bug.cgi?id=18529
Steven Schveighoffer <schvei...@yahoo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |schvei...@yahoo.com --- Comment #10 from Steven Schveighoffer <schvei...@yahoo.com> --- (In reply to anonymous4 from comment #8) > Should go through trusted wrapper. > printf is a @system function and can't be called from safe code, arguments > don't even matter. Yes, most of this argument is moot unless you find a better example. The rational behind disallowing .ptr is simple: We want to be able to use pointers in safe D (disallowing them is too crippling). To that end we allow dereferencing a pointer, but not indexing a pointer. In order for this to work, we must ensure that safe code cannot create a dangling pointer. That is, the pointer MUST point at valid data, or point at null. An array with zero length does not generate a known-valid pointer with .ptr, therefore it's disallowed. Using &arr[0] works because it's first bounds-checked that the first element exists. --