Leandro Lucarella wrote:
Walter Bright, on November 3 at 16:21 you wrote to me:
Andrei Alexandrescu wrote:
Sketch of the safe rules:
\begin{itemize*}
\item No @cast@ from a pointer type to an integral type and vice versa
Replace integral type with non-pointer type.
\item No @cast@ between unrelated pointer types
\item Bounds checks on all array accesses
\item No unions that include a reference type (array, @class@,
pointer, or @struct@ including such a type)
Pointers are not a reference type. Replace "reference type" with
"pointers or reference types".
Strictly speaking, arrays are not reference types either, right?
Ok, in order to not create confusion, I changed that. Here's the new
list with one added item:
\begin{itemize*}
\item No @cast@ from a pointer type to a non-pointer type (e....@int@)
and vice versa
\item No @cast@ between unrelated pointer types
\item Bounds checks on all array accesses
\item No unions that include a pointer type, a @class@ type, an array
type, or a @struct@ embedding such a type
\item No pointer arithmetic
\item Taking the address of a local is forbidden (in fact the needed
restriction is to not allow such an address to escape, but that is
more difficult to track)
\item Cross-module function calls must only go to other @safe@ modules
\item No inline assembler
\item No casting away of @const@, @immutable@, or @shared@
\item No calls to unsafe functions
\end{itemize*}
Andrei
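
Added example, not part of the thread and not the project's own code: several of the listed rules written as compile-time probes. It assumes a current D compiler, where the restrictions are applied per function through the `@safe` attribute instead of per module as in the sketch; `Overlap` and `rawPoke` are hypothetical names made up for the illustration.

```d
// Each probe asks the compiler whether a @safe function literal containing
// the construct compiles. The build fails if any probe is wrong.

// Constructed type: a pointer field overlapping an integer field.
union Overlap { int* ptr; size_t bits; }

// Hypothetical unsafe function standing in for any non-safe callee.
@system void rawPoke(int* p) { *p = 0; }

void main()
{
    // Cast from a non-pointer type to a pointer type.
    static assert(!__traits(compiles,
        () @safe { size_t n = 42; int* p = cast(int*) n; }));

    // Cast between unrelated pointer types.
    static assert(!__traits(compiles,
        () @safe { int* p; int** q = cast(int**) p; }));

    // Pointer arithmetic.
    static assert(!__traits(compiles,
        () @safe { int* p; int* q = p + 1; }));

    // Union with a pointer member: the overlapping pointer cannot be read.
    static assert(!__traits(compiles,
        () @safe { Overlap u; int* p = u.ptr; }));

    // Casting away immutable.
    static assert(!__traits(compiles,
        () @safe { immutable(int)* ip; int* p = cast(int*) ip; }));

    // Call to an unsafe function.
    static assert(!__traits(compiles,
        () @safe { int* p; rawPoke(p); }));

    // Controls: the same constructs are accepted outside the safe subset,
    // so the rejections above come from the safety rules, not from typos.
    static assert(__traits(compiles,
        () @system { size_t n = 42; int* p = cast(int*) n; }));
    static assert(__traits(compiles,
        () @system { int* p; int* q = p + 1; }));
    static assert(__traits(compiles,
        () @system { Overlap u; int* p = u.ptr; }));
    static assert(__traits(compiles,
        () @system { int* p; rawPoke(p); }));
}
```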