• d-bugmail puremagic.com (36/39) Nov 18 2021 https://issues.dlang.org/show_bug.cgi?id=22522

d-bugmail puremagic.com writes:

https://issues.dlang.org/show_bug.cgi?id=22522

          Issue ID: 22522
           Summary: [dip1000] Creating interior pointers allowed in  safe
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P1
         Component: dmd
          Assignee: nobody puremagic.com
          Reporter: dkorpel live.nl

The garbage collection specification (https://dlang.org/spec/garbage.html)
mentions it's undefined behavior to have interior pointers in a struct:

 Do not have pointers in a struct instance that point back to the same
instance. 
 The trouble with this is if the instance gets moved in memory, the pointer
will 
 point back to where it came from, with likely disastrous results. 

Undefined behavior is not allowed in ` safe` code, but creating an interior
pointer is, which can break dip1000:

```
// compile with -preview=dip1000
 safe:
struct S {
    int storage;
    int* ptr;

    this(int dummy) {
        ptr = &storage;
    }

    int* get() return scope {
        return ptr;
    }
}

int* escape() {
    S s = S(0);
    return s.get; // escapes a pointer to stack variable `s`
}
```

--